Summary

Create a report to locate all of the directly assigned user permissions, excluding designated folders like home folder targets. This report is designed to work with version 4.1 and the File System Paths technology. The paths designated in the File System Paths list for this report will be excluded from the results.

Back Story

The customer has a number of shares where the trustees should only ever be assigned or granted to groups. 

Details

Summary

How when using the srs.current_ntfs_aces view can I report on the ACEs without inheritance, within a particular path?

Explanation

The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask.

If the bit flag with a value of 16 is present, then the ACE is inherited. Filtering out inherited ACEs is a simple matter of checking that this flag is off.

Details

Summary

Version 4.0 introduced the ability to scan and report on Microsoft 365 storage repositories. These include SharePoint document libraries, OneDrive for Business drives, and Team drives.

This report focuses on files that are located in Team chat file locations.

Details

Summary

New with version 4.0 is the ability scan your Microsoft 365 tenent.  The filename extension report helps you see what applications are being used, by way of the filename extensions used.

This report includes both the summary and detail sections you maybe used to from the built-in reports. The query can be filtered by drive_categories by modifying line 53.

Details

Summary

New with version 4.0 is the ability to scan for truely duplicated files in Microsoft 365. Version 4.0 collects the content hash from the files in Microsoft 365 so that the duplicates can be found and remediated.

Details

Duplicated files can be simply redundant taking up extra space or they can be a security risk. Files get downloaded from SharePoint where the security is more regulated to someones OneDrive or MySite and then shared. This could potentially be a big problem.

Details

Summary

New with version 4.0, comes the ability to scan your Microsoft 365 tenant and create reports from the data found in the Document Libraries and One Drive File Systems.

This report focuses on the when the files in the desired drive_categores were last modified by year.  The report layout includes both Summary and the Detailed Reports.

Details

Summary

This report capitalizes on the ability of version 4.0 to scan your OneDrive for Business storage. Individuals within your company may be sharing out your companies IP with little regard for security.  This report is limited to the list of all sharing links located with discovered User OneDrive for Business drives, and does not include Direct Access permissions.

Details

Summary 

This report combines file extensions in to categories. The report uses the srs.current_fs_scandata database view which limits the scope to current scans only. This recipes comes in two styles, either Detailed or Summary. Each version of the report comes with a report layout.

Version 3.6 - 4.0

The report is further limited by the sd.fullpath LIKE portion of the sql where clause. If you remove it, the report will run across all current scan_data.

Summary

This report utilizes the new added Microsoft 365 scanning features of version 4.0.  The 4.0 tenant scan prompts the new Agent365 to collect a hash of the file content and store the hash in the database where it can be use to compare against other files that match in content.

This query is designed to show show the different joins work together to get the desired data.