Documentation

How MSPControl Works


MSPControl is a modular, web-based control panel for service providers. Its architecture is composed of six essential components that work together to manage hosting environments, user access, and automation tasks.

  • Portal
  • Enterprise Server
  • Server
  • Scheduler
  • End-User Portal (WebDAV Portal)
  • Windows Agent (Autopilot)

Each component is a web application hosted on IIS 7.0 or higher, operating independently but connected via REST web services.

How MSPControl Works


Portal

The Portal is the primary user interface (UI) of MSPControl. Built as an ASP.NET application, it contains no business logic itself. Instead, it interacts with the Enterprise Server via REST APIs. Every user action—such as clicking a button—triggers a web service call.

This application is publicly accessible and hosted in an IIS application pool with a limited-permissions identity, providing secure access to end-users and administrators.


Enterprise Server

The Enterprise Server is the logic core of MSPControl. It handles all backend processing and relies on SQL Server for data storage (e.g., users, hosting plans, service configs).

It exposes all operations via REST APIs, enabling integration with third-party tools (.NET, PHP, Java, Perl). It also forwards requests to the Server component to perform actual system changes.

For security, the Enterprise Server usually listens only on internal addresses and runs in a low-privilege IIS pool.


Server

The Server component performs system-level tasks like managing IIS, file permissions, databases, and mail services. It acts as a remote agent installed on each managed server in the infrastructure.

This web app has no UI and must run in an application pool with administrative privileges (e.g., local Administrators group). It’s essential for provisioning and maintaining hosted services.


Scheduler

The Scheduler is a Windows Service responsible for background automation. It runs scheduled tasks such as usage calculations, reporting, and archive maintenance. It communicates with the Enterprise Server to fetch or trigger actions.


End-User Portal (WebDAV Portal)

The WebDAV Portal provides self-service capabilities for Active Directory users. It includes:

  • Editing user profile information
  • Accessing and managing cloud folder content
  • Password reset functionality

It runs as a web interface and integrates with AD and cloud storage endpoints securely.


Windows Agent

The Windows Agent (Autopilot) is a service installed on managed Windows servers or endpoints. It enables patching, firewall setup, monitoring, and automated configuration. It extends MSPControl’s capabilities beyond the datacenter to remote infrastructure.


Best Practices

  • Ensure all IIS pools are configured with appropriate identity levels (weak vs. admin).
  • Restrict external access to the Enterprise Server and Server components.
  • Keep SQL Server backed up regularly to protect control panel data.
  • Monitor the Scheduler service to ensure task execution is consistent.