Suspect Permissions: An evaluation of direct user-assigned trustees in NCP.

Suspect Permissions: An evaluation of direct user-assigned trustees in NCP.

Details

Summary

Create a report to locate all of the directly assigned user permissions in a particular NCP scan target.

Back Story

The customer has a number of volumes where the trustees should only ever be assigned granted via groups. They need a report to locate any permissions that have been granted to the individual user object, so that it can be evaluated.

Information

The scope of the query to limited to NCP trustees in the desired scan target. The scan_target will need to be modified to make it work based on the environment.

Code
 SELECT
    q.fullpath,
    q.trustee_fdn,
    q.rights_string,
    q.t_count
FROM
    (SELECT ncp.trustee_fdn,
      ncp.rights_string,
      ncp.fullpath,
      ncp.trustee_type,
      ncp.scan_target,
      count(*) OVER (PARTITION BY ncp.trustee_fdn) AS t_count
    FROM srs.current_ncp_trustees AS ncp) AS q
WHERE
    (q.t_count >= 1) AND
    (q.scan_target LIKE ('\\QT-OES1\DATA') ESCAPE '#') AND
    (q.trustee_type IN (1, 2))
ORDER BY
    q.t_count DESC, q.trustee_fdn 
Author
rlagger
Last modified
Friday, April 26, 2024 - 12:48
Properties
Supported Version
Report Category
Includes a Report Layout
Yes
Tags
Downloads
AttachmentSize
User-Direct-Permission-NCP.zip12.23 KB
Sample Report
AttachmentSize
User Direct Permissions NCP.pdf222.35 KB
Preview Images