Download StealthAUDIT System Requirements and Installation

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Database wikipedia , lookup

Extensible Storage Engine wikipedia , lookup

SQL wikipedia , lookup

Relational model wikipedia , lookup

Team Foundation Server wikipedia , lookup

Microsoft Access wikipedia , lookup

Database model wikipedia , lookup

Clusterpoint wikipedia , lookup

Microsoft Jet Database Engine wikipedia , lookup

Open Database Connectivity wikipedia , lookup

Microsoft SQL Server wikipedia , lookup

Transcript
STEALTHbits Technologies, Inc.
StealthAUDIT v5.1
System Requirements
and Installation Notes
June 2011
StealthAUDIT v5.1 System Requirements and Installation Notes
Table of Contents
Overview.......................................................................................................................................... 3
Installation Overview............................................................................................................... 3
Hosting System Requirements ................................................................................................ 4
Recommended System Requirements .................................................................................... 4
Additional Steps....................................................................................................................... 5
Target Hosts............................................................................................................................. 9
Security .................................................................................................................................... 9
Ports....................................................................................................................................... 10
SMP Data Collector Matrix .................................................................................................... 10
Appendix A – Installation............................................................................................................... 13
Installing the StealthAUDIT Management Platform .............................................................. 13
Appendix B – Solution Permissions & Configuration .................................................................... 20
SMP for SharePoint Permission Requirements ..................................................................... 20
Exchange 2010 Data Collection ............................................................................................. 21
2
StealthAUDIT v5.1 System Requirements and Installation Notes
Overview
This document outlines basic requirements to successfully operate StealthAUDIT to its full capacity.
Please note that these requirements represent the optimal configuration to enable full functionality.
Failing to meet some requirements may result in StealthAUDIT functioning at a lesser capacity.
Installation Overview
StealthAUDIT installs to a single workstation or server from which data collection occurs. The application
is entirely self-contained and requires access to Microsoft® SQL Server® (2005 or greater) database to
operate. Organizations seeking more advanced data collection capabilities may seek to deploy multiple
satellite StealthAUDIT nodes and a centralized Microsoft® SQL Server® to store collected data (See Figure
1).
Figure 1 – StealthAUDIT Architecture
3
StealthAUDIT v5.1 System Requirements and Installation Notes
Hosting System Requirements
The system hosting StealthAUDIT requires only modest hardware. Hardware recommendations are
heavily influenced by:

The size and distribution of the targeted network (quantity and locations of hosts).

The complexity of each job (how much data is being returned from each host).

The frequency of scheduled job runs.

Data retention settings.
Recommended System Requirements

SMP Console Requirements
o
Windows Server® 2008 (x64)
o
Dual Core or Multiple CPU (2 GHz +)
o
4GB or more RAM
o
30+ GB Available Disk
o
100/1000Mb Network Connection
4
StealthAUDIT v5.1 System Requirements and Installation Notes
Additional Steps
There are a few additional steps that need to be completed or verified to be successful in building a
StealthAUDIT console machine:
1.
Verify availability of a Microsoft® SQL Server® instance
a.
Supported Versions
i. SQL Server® 2005 (Express (POC only), Standard, and Enterprise Editions)
ii. SQL Server® 2008 (Express (POC only), Standard, and Enterprise Editions)
b.
1.
Preferred: SQL Server® 2008 Enterprise Edition
2.
A free copy of SQL Server® 2008 Express with Tools Edition is available
by clicking here. This instance can reside on the same machine as the
StealthAUDIT console, but does not have to.
Permissions
i. StealthAUDIT requires the ability to Create, Delete, Update, Drop, Read, and
Join tables within the SQL database in order to function as expected. Full
database owner rights are recommended to ensure proper operation.
ii. If database owner rights cannot be obtained, the following script can be
executed against the StealthAUDIT database to grant the necessary
permissions to the appropriate users:
USE [<stealthaudit>]
GO
IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE [type]
= 'R' AND [name] = '<SA User ID>')
EXEC sp_addrole '<SA User ID>'
GO
EXEC sp_addrolemember 'db_datareader', '<SA User ID>'
GO
EXEC sp_addrolemember 'db_datawriter', '<SA User ID>'
GO
GRANT CREATE TABLE TO [<SA User ID>]
GO
GRANT CREATE VIEW TO [<SA User ID>]
GO
GRANT ALTER ON SCHEMA::dbo TO [<SA User ID>]
GO
GRANT EXECUTE ON SCHEMA::dbo TO [<SA User ID>]
GO
GRANT INSERT ON SCHEMA::dbo TO [<SA User ID>]
GO
GRANT UPDATE ON SCHEMA::dbo TO [<SA User ID>]
GO
5
StealthAUDIT v5.1 System Requirements and Installation Notes
c.
Authentication
i. StealthAUDIT allows for the use of both SQL and Windows Authentication to
connect to the database.
1.
d.
Recommended: Windows Authentication
Database Maintenance
i. StealthAUDIT relies on a SQL backend for data storage for all of its jobs,
analysis, and actions. For disaster recovery reasons, the database should be
backed up on a scheduled basis that is acceptable for recovery of data
collection. Additionally, the backup process will flush any transaction log files.
Depending on usage volume, backup schedules should be adjusted to flush and
rd
shrink the size of the transaction logs. Please refer to Microsoft or your 3
party provider for your Microsoft SQL backup solution on how to configure and
schedule backups to clear transaction logs at an interval that meets your needs.
2.
Install Adobe® Flash®
a.
Download
i. If Flash® is not already installed you can download the software by clicking
here.
b.
Additional Info
i. STEALTHbits also recommends turning off Windows® Internet Explorer®
Enhanced Security Configuration for the administrator group if you want to be
able to render reports on the StealthAUDIT console.
3.
For Microsoft® Exchange Server data collection only
a.
Exchange Server 2000/2003
i. Install Exchange MAPI CDO objects, StealthAUDIT Exchange MAPI CDO object
extensions
1.
b.
IMPORTANT: Install Exchange MAPI CDO first, then the StealthAUDIT
Exchange MAPI CDO package second.
Exchange Server 2007/2010 or Mixed 2003/2007/2010 Environment
i. Install Exchange MAPI CDO objects, StealthAUDIT Exchange MAPI CDO object
extensions
1.
IMPORTANT: Install Exchange MAPI CDO first, then the StealthAUDIT
Exchange MAPI CDO package second.
2.
Exchange Management Console (EMC) 2007/2010 with latest updates
6
StealthAUDIT v5.1 System Requirements and Installation Notes
ii. Exchange 2010 Data Collection
1.
4.
SMP Exchange/BlackBerry/Access Information Center Prerequisites (NOT REQUIRED UNLESS
INSTALLING THE EXCHANGE, BLACKBERRY, OR ACCESS INFORMATION CENTERS)
o
Microsoft Internet Information Services (IIS) 7

5.
In order for SMP Exchange Data Collectors to work properly against
Exchange 2010, please review the configuration options that need to
be set and implement them prior to collection in Appendix B
Ensure ASP.NET and Security/Windows Authentication features are installed
o
Install .NET Framework v3.5
o
Install Microsoft SilverLight on the client where you plan to run the browser
Install the StealthAUDIT Management Platform (SMP)
a.
Console
i. Using the installation media provided to you by your STEALTHbits Account
Representative, download the executable to the system StealthAUDIT is to be
installed on.
ii. Follow the instructions in the installation wizard to install and configure the
application.
1.
b.
For more detailed instructions on how to install the StealthAUDIT
Management Platform, see Appendix A.
License Key
i. Copy and Paste the StealthAUDIT License Key (StealthAUDIT.LIC) into the root
of the installation (typically C:\Program Files\STEALTHbits\StealthAUDITV5).
1.
6.
NOTE: This key is available from your STEALTHbits Account
Representative.
StealthAUDIT Credential Sets
a.
STEALTHbits recommends using an ID with full administrative privileges to the targeted
hosts in order to maximize the amount of data that can be collected by StealthAUDIT;
however, this is not required in order for the application to function properly. If full
administrative privileges are not available, simply create a StealthAUDIT Connection
Profile using credentials with the proper rights to the information you want to collect.
Configuring Connection Profiles are performed in the Global Options of StealthAUDIT
under the Welcome\Connections node. Connection Profiles can also be created during
installation of StealthAUDIT through the installation wizard.
b. Permission Requirements
7
StealthAUDIT v5.1 System Requirements and Installation Notes
i. Windows® Auditing
1.
Local Admin
ii. Active Directory
1.
Domain Admin
iii. Exchange Auditing
1.
Exchange Admin and Local Admin
2.
Access to System Attendant Account – MAPI Authentication
iv. BlackBerry® Auditing
1.
Local Admin to the BES Server
2.
Read Access to the BES SQL Database
v. SharePoint Auditing
1.
7.
See Addendum B for full details
Publishing Reports
a.
STEALTHbits recommends leveraging a Microsoft IIS Server to publish the HTML website
and associated reports that StealthAUDIT creates for you. StealthAUDIT supports
publishing to a share within the file system as well, but please note that performance
can be affected when rendering reports containing high volumes of data due to native
browser limitations.
8
StealthAUDIT v5.1 System Requirements and Installation Notes
Target Hosts
StealthAUDIT query targets must be Microsoft® Windows® based systems with an OS minimum
requirement of Windows® 2000. Windows 9x, NT, or Home Edition hosts will be detected on the
network, but are not supported for auditing.
StealthAUDIT also provides limited support for Linux® and UNIX® host detection and auditing. Red Hat,
SUSE, and AIX are currently supported, with additional version support coming in the near future. Various
rd
3 Party storage platforms such as NetApp® Storage Controllers and EMC® Celerra devices are supported
for auditing as well. StealthAUDIT does not currently support other non-Windows hosts.
Security
StealthAUDIT leverages a snap-in Data Collector (DC) architecture. Each DC module exposes a discreet
data source (for example: the Windows Registry) and is implemented as a .DLL housed in the
StealthAUDIT\DC folder.
Each DC must connect to a target host in order to obtain data during an audit. Most Windows®
administrative data is obtained via RPC; hence, a shared RPC connection is utilized. StealthAUDIT Data
Collectors expose Windows®-based administrative data by calling into the Windows API functions in the
same way native Microsoft administration tools do. Thus, StealthAUDIT is in effect never connecting
directly to the managed host, but rather the underlying Microsoft API’s. The dependent network layers
are communicating with peer layers on the target host; providing transparent communications to the data
consumer. These connections are made in the security context of the active logged-on user or in the
context of an impersonated user via optionally supplied credentials; both domain level and target host
local accounts are supported. Supplied credentials are encrypted in a security profile using MD5
encryption and stored in the local file system.
STEALTHbits Technologies recommends providing StealthAUDIT (either through a logged-in user or
impersonation credentials) full administrative access to the target host for greatest availability of data to
collect. In some cases where this may not be possible, StealthAUDIT may still be able to successfully
obtain data from the remote host depending on the nature of the query. For example, to query large
portions of the remote registry, only user access is required.
Logged in User
DIT
AU
alth
e
tor
t
S
llec
Co
a
t
Da
Optional
User Impersonation
N
e
ativ
o
To
I
AP
ta
col
oto
User Impersonation
Da
Pr
l
Microsoft API’s and
Network Layers
o rt
nsp
Tra
rk
two
Ne
Target Host
StealthAUDIT Workstation
Figure 2 - Security and Connection Illustration
9
StealthAUDIT v5.1 System Requirements and Installation Notes
Firewalls
StealthAUDIT, via the Operating System API’s, establishes direct connections between the StealthAUDIT
host and the target host. Any firewalls between the two application layers must be configured to provide
trusted, rich access between the two hosts. In most cases where firewalls are encountered, organizations
will configure the firewall to trust the IP Address or subnet where StealthAUDIT resides.
Ports
StealthAUDIT currently supports a range of Windows and industry protocols as documented in the
following table. For proper operations, network administrators should ensure that RPC communications
are available between the StealthAUDIT console and the target hosts including:

RPC TCP ports 135-139

RPC TCP/UDP Port 445

RPC TCP ports 1024 – 1100 (dynamic)

SSH TCP port 22 (UNIX® and Linux® support)
Additional optional ports:

ICMP TCP port 7 (Ping)

HTTP TCP Port 80 (MS Patch database download)

SMTP TCP 25 (email notification / report submission)
SMP Data Collector Matrix
Data
Description
Collector
Protocols
Ports Used
Recommended
Permissions
Active
Directory
Auditing objects published in AD
LDAP
RPC

Domain Admin
AD Inventory
Inventories AD User and Group
information for correlation
purposes throughout all
StealthAUDIT Solution Sets
Auditing BlackBerry properties
and BES database information
LDAP
RPC
TCP 389
TCP 135-139
Randomly allocated
high TCP Ports
TCP 389
TCP 135-139
Randomly allocated
high TCP Ports
TCP 1433
TCP 139 and 445

Domain Admin

BlackBerry
ODBC
Remote Registry
Provides the ability to remotely
spawn, execute, and extract data
provided by Microsoft native
command line utilities.
Provides enumeration of disks
and their associated properties
RPC
Remote Registry
TCP 135-139
Randomly allocated
high TCP Ports

Local Admin to
the BES Server
Read Access to
the BES SQL
Database
Local Admin
RPC

Local Admin
DNS
Provides information regarding
DNS configuration and records
RPC

Domain Admin
Event Log
Provides search and extraction of
details from event logs on target
system
RPC
TCP 135, Randomly
allocated high TCP
Ports
TCP 135, Randomly
allocated high TCP
Ports
TCP 135, Randomly
allocated high TCP
Ports


Local Admin
Domain Admin if
targeting Domain

Command
Line Utility
Disk
10
StealthAUDIT v5.1 System Requirements and Installation Notes
MAPI over RPC
File
File and folder enumeration,
properties, permissions
RPC
File System
Access (FSAA)
Access rights via Shares, Folders,
and Policies
RPC
Group Policy
Auditing GPO settings and
properties
LDAP
RPC
INIFile
INI and INF file content search
and extraction
RPC
LDAP
Search for and extract Active
Directory and Exchange 5.5
directory properties
Query ODBC compliant databases
for tables and table properties
Provides patch verification and
optional automatic bulletin
downloads from Microsoft
Perfmon
Performance monitor counter
data samples
PRC
PowerShell
Provides PowerShell Script exit
from StealthAUDIT
Enumeration and extraction from
remote registries
N/A
Provides VB Script exit from
StealthAUDIT
Enumeration, status and settings
from remote services
N/A
SharePoint
Access
Assesses access rights throughout
the SharePoint infrastructure
SP Web Services
MS SQL
Remote Registry
SharePoint
Content
Assesses SharePoint content
related information
SharePoint
Activity
Assesses access activity details
within SharePoint
SMARTlog
Provides search and extraction of
Services
Local Admin


Local Admin
Domain Admin

Domain Admin

Local Admin

Domain Admin
TCP 1433

TCP 135-139
Randomly allocated
high TCP Ports
TCP 80
TCP 7
TCP 135-139
Randomly allocated
high TCP Ports
N/A

Database Read
Access
Local Admin

Local Admin

N/A
TCP 135-139
Randomly allocated
high TCP Ports
N/A

Local Admin

N/A
TCP 135-139
Randomly allocated
high TCP Ports
MS SQL (connection
string) read from
Registry on SharePoint
Server

Local Admin

Remote read
access to
SharePoint
server’s registry
Read access to
configuration
database
Read All
permissions for
each web app
policy in
SharePoint farm
Local Admin
RPC
HTTP
ICMP
Provides statistical, content, and
permission reporting on
mailboxes and public folders
Provides metrics information
from Exchange tracking logs
Script

ODBC
Exchange
Mailbox /
Public Folder
Exchange
Metrics
Registry
Local Admin
Domain Admin
LDAP
RPC
LDAP
Patch Check




Provides Exchange
2000/2003/2007/2010 admin
property extraction
ODBC

Controllers
Exchange Admin
Domain Admin for
Active Directory
property
collection
Exchange Admin
TCP 135-139,
Randomly allocated
high TCP Ports
TCP 389
Optionally TCP 445
TCP 135, Randomly
allocated high TCP
Ports
TCP 135, Randomly
allocated high TCP
Ports
TCP 135-139,
Randomly allocated
high TCP Ports
Optionally TCP 445
TCP 135-139,
Randomly allocated
high TCP Ports
Optionally TCP 445
TCP 389
TCP 135-139
Randomly allocated
high TCP Ports
TCP 135-139,
Randomly allocated
high TCP Ports
Optionally TCP 445
TCP 389
E2K
(Exchange
Configuration)
RPC
RPC
RPC

SP Web Services (web
app urls) read from
SharePoint
configuration database
RPC
TCP 135, Randomly
11


StealthAUDIT v5.1 System Requirements and Installation Notes
SQL
details from Windows® Event
Logs (online or offline) and
Microsoft® Internet Information
Server® (IIS) logs
SQL database configuration,
permissions, and data extraction
ODBC
Remote Registry
allocated high TCP
Ports

Domain Admin if
targeting Domain
Controllers
TCP 1433

TCP 135-139
Randomly allocated
high TCP Ports
TCP 135-139
Randomly allocated
high TCP Ports
TCP 22
User configurable

Local Admin to
SQL Server
Read access to
SQL Database
Local Admin

Local Admin

ROOT
RPC
TCP 135-139
Randomly allocated
high TCP Ports


RPC
TCP 135-139
Randomly allocated
high TCP Ports

Local Admin
Domain Admin if
targeting Domain
Controllers
Local Admin

SystemInfo
A collection of various properties
RPC
Text Search
Enables searching through text
based log files
RPC
Unix
Host inventory, Software
inventory, logical volume
inventory on UNIX® & Linux®
platforms
Auditing user and group
accounts, both local and domain.
Extracting system policies
SSH
Browsing and extraction of WMI
objects and properties
Users &
Groups
WMI
i
12
StealthAUDIT v5.1 System Requirements and Installation Notes
Appendix A – Installation
Installing the StealthAUDIT Management Platform
Step 1:
Step 2:
Part 1 of 2 – SMP Installation Wizard
After downloading StealthAUDIT, run the installation wizard by double-clicking
StealthAUDIT.exe:
Accept the End User License Agreement to advance to the next step in the installation
process.
13
StealthAUDIT v5.1 System Requirements and Installation Notes
Step 3:
Choose which product components to install and which directory the application should
be installed in:
Step 4:
Click “Next” on the “Ready to Install the Application” menu to begin the installation
process:
Step 1:
Part 2 of 2 – SMP Configuration Wizard
After the installation has completed, the following screen will appear allowing for the
configuration of a new StealthAUDIT instance or the migration/upgrade of a previous
version installed on the same system.
14
StealthAUDIT v5.1 System Requirements and Installation Notes
For first time users, select “I am a first time StealthAUDIT user” and then select OK.
Step 2:
In the “Welcome: Initial Settings” wizard, select “next” to begin the process of setting up a
database profile, connection credentials, and an initial discovery query to identify systems
in the environment:
Step 3:
In the “SQL Server Settings” menu, enter the following information to create a
StealthAUDIT Database Profile:



Server Name – The name of the SQL Server you plan to create a database on
Instance Name – The name of the SQL Instance the database will be created on
Authentication Mode – SMP supports both Windows and SQL Authentication
15
StealthAUDIT v5.1 System Requirements and Installation Notes

Step 4:
methods. If using SQL Authentication, input a User Name and Password, otherwise,
SMP will leverage the credentials currently running the application through Windows
Authentication.
Database – Choose to create a new database or leverage an existing StealthAUDIT
database if present.
In the “Connection Settings” menu, choose to either leverage the credentials currently
being used to the log into the StealthAUDIT console server or create a connection profile
containing different credentials such as a service account created for StealthAUDIT:
16
StealthAUDIT v5.1 System Requirements and Installation Notes
Step 5:
In the “Query Sources – Host Discovery Source” menu, select the method you’d like to use
for discovering your environment. Your choices at initial setup are limited to the
following:



Scan your IP network
Browse your Windows Network Neighborhood
Query an Active Directory Server
o General AD Query – Best used for discovering machines contained in
multiple locations within the AD structure (i.e. Desktops and Servers)
o Exchange Servers Only – Best used for discovering just Exchange Servers
o Domain Controllers Only – Best used for discovering just Domain
Controllers
*If you’d like to import your machine listings from a text file, .csv file, or another database,
hit cancel and configure your discovery query through the Host Management node in the
left-side tree menu.
After selecting your method of discovery, configure the options to define which machines
you’d like StealthAUDIT to discover and inventory (See Active Directory example below)
17
StealthAUDIT v5.1 System Requirements and Installation Notes
Step 6:
In the “Instant Job” menu, select the instant solutions you’d like to install into your job
tree.
Step 7:
Click FINISH in the “Summary” menu and then FINISH again when the Instant Solution has
finished its installation.
18
StealthAUDIT v5.1 System Requirements and Installation Notes
Step 8:
Finally, select whether or not you’d like the Host Discovery query to run now or later to
finish the initial configuration process.
19
StealthAUDIT v5.1 System Requirements and Installation Notes
Appendix B – Solution Permissions & Configuration
SMP for SharePoint Permission Requirements
The following details the permissions that need to be granted to a domain user in order for them to be
used as the connection profile account of StealthAUDIT to run the SharePoint jobs. These instructions
assume administrative knowledge of SharePoint and access to the servers which are hosting the
SharePoint farms which need to be audited.
To configure your SharePoint connection profile user you must do the following:







Add it as a member of local Backup Operator group on a SharePoint application server for the
farm that will be audited in order to access registry remotely. By default only members of Local
Administrators and Backup Operators has access to remote registry so Backup Operators group
provides least privilege.
Add it as a member of local WSS_WPG group on the same SharePoint application server(s).
Members of this group have read access to system resources used by Microsoft SharePoint
Foundation 2010.
Grant the user Full read on every web application through a web application policy. This is done
through Central Administration. I can show you how to do this if you need.
Add the user as a Site Collection administrator in Central Administration site collection in case if
you need scan Central Administration (also do this for the Help site collection in SharePoint
2010). If the customer doesn’t care about monitoring Central Admin then this can be skipped.
Grant the user WSS_Content_Application_Pools role and db_datareader role in configuration
database for each farm.
Grant the user the db_datareader role on every content database for a farm.
Execute the following script against every content database in the farm, replacing
“DOMAIN\USER” with the account being configured:
grant
grant
grant
grant
grant
grant
grant
grant
grant
execute
execute
execute
execute
execute
execute
execute
execute
execute
on
on
on
on
on
on
on
on
on
proc_ListAllWebsOfSite to "DOMAIN\USER"
proc_GetWebId to "DOMAIN\USER"
proc_SecListSiteGroupMembership to "DOMAIN\USER"
proc_SecListAllSiteMembers to "DOMAIN\USER"
proc_SecListAllWebMembers to "DOMAIN\USER"
proc_SecListSiteGroups to "DOMAIN\USER"
proc_SecGetRoleAssignments to "DOMAIN\USER"
proc_SecGetRoleBindingsForAllPrincipals to "DOMAIN\USER"
proc_SecGetSecurityInfo to "DOMAIN\USER"
20
StealthAUDIT v5.1 System Requirements and Installation Notes
Exchange 2010 Data Collection
For Microsoft Exchange Server 2010, all communication to the private and public stores must go through
a Client Access Server. Due to these changes, additional properties have been added to SMP Data
Collectors requiring configuration changes that need to be set before being able to collect data from
Exchange 2010 servers.
Welcome Settings:
A user alias needs to be set for each query that requires this information. This can be done at the top
level for job configuration. The user alias can be any mail-enabled Exchange 2010 account that is utilized
for connection to the Exchange Server. It does not need escalated privileges to Exchange.
Public Folder Queries:
In the Public Folder data collector, specific settings need to be set for the Public Folder data collection to
work properly against Exchange 2010.
1.
The user alias will need to be set unless it has been set at the Global Level
21
StealthAUDIT v5.1 System Requirements and Installation Notes
2.
A Client Access Server needs to be set so the data collector can connect to it to access the public
store for Exchange 2010.
3.
The Option to “Process folders that physically reside on the target server only” needs to be
unchecked. Since Exchange 2010 supports public folders in a different manner than previous
versions of Exchange, the data collector currently targets the entire hierarchy of the public
folders. Since this is the case, the query only needs to be run against one public folder server
that contains the entire hierarchy.
22
StealthAUDIT v5.1 System Requirements and Installation Notes
Exchange Mailbox Data Collection
Data collection for Exchange Mailboxes for 2010 is similar to how the Public Folder data collection works.
1.
The user alias will need to be set unless it has been set at the Global Level
2.
A Client Access Server needs to be set so the data collector can connect to it to access the private
store for Exchange 2010. Once the CAS server is entered, you can choose “Select from this
Server:” and type in a mailbox server to connect and view the mailboxes on that server.
Alternatively, navigate back to the Welcome page of the query and type in a mailbox server in
the “Test Connection Setting” box to test your connection to Exchange.
23
StealthAUDIT v5.1 System Requirements and Installation Notes
Exchange2k Data Collection
The following categories within the Exchange2K data collector need the properties set for data collection
from Exchange 2010 servers.





Exchange Organization
o Users
Mailbox Stores
Public Folders
OrphanedMailboxes
OrphanedPublicFolders
1.
The user alias will need to be set unless it has been set at the Global Level
2.
A Client Access Server needs to be set so the data collector can connect to it to access the private
store for Exchange 2010.
24
StealthAUDIT v5.1 System Requirements and Installation Notes
i
STEALTHbits and StealthAUDIT are trademarks of STEALTHbits Technologies, Inc. BlackBerry and BES are trademarks of Research In
Motion Limited. Microsoft, Active Directory, Exchange, and Windows are registered trademarks of Microsoft Corporation in the
United States and other countries. Celerra is a trademark of the EMC Corporation. All other trademarks are the trademarks or
registered trademarks of their respective owners.
25