This report utilizes the new added Microsoft 365 scanning features of version 4.0. The 4.0 tenant scan prompts the new Agent365 to collect a hash of the file content and store the hash in the database where it can be use to compare against other files that match in content.
This query is designed to show show the different joins work together to get the desired data.
This report utilizes the new added file content hash feature of version 4.0. The 4.0 scan policy definition gives a new option to Generate file content hashes for All Files or Files uploaded since the last scan. This option prompts the AgentFS to generate a SHA256 hash of the file content and store the hash in the database where it can be compared against other files that match in content.
New with version 4.1 is the ability to manage the report paths outside of the query via the Report Designer.
Create a report to locate all of the directly assigned user permissions in a particular NCP scan target.
The customer has a number of volumes where the trustees should only ever be assigned granted via groups. They need a report to locate any permissions that have been granted to the individual user object, so that it can be evaluated.
The scope of the query to limited to NCP trustees in the desired scan target. The scan_target will need to be modified to make it work based on the environment.
How when using the srs.current_ntfs_aces view can I report on the ACEs without inheritance?
The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask.
If the bit flag with a value of 16 is present, then the ACE is inherited. Filtering out inherited ACEs is a simple matter of checking that this flag is off.
Create a report that will display all NCP Trustees in eDirectory.
The customer wanted to create a catalog of the NCP trustees for reference purposes.
The scope of the query is eDirectory Tree wide, but can be limited to a particular path by adding a simple where clause.
*Starting in version 2.6.0, the "srs.active_ncp_trustees" database view has been renamed to "srs.current_ncp_trustees". While the "active" version will still with version 3.0 work it has been deprecated.
This code finds files within a scan target where the owner is either NULL, [Nobody], [Supervisor], or [UNKNOWN] instead of an FDN in eDirectory.
Find files where the owner is an unresolved or orphaned SID. Just change the scan_target line to make the query work for your environment.
Copyright © 2024, Condrey Corporation