Suspect Permissions: An evaluation of direct user-assigned trustees in NCP.

Details

Summary

Create a report to locate all of the directly assigned user permissions in a particular NCP scan target.

Back Story

The customer has a number of volumes where the trustees should only ever be assigned granted via groups. They need a report to locate any permissions that have been granted to the individual user object, so that it can be evaluated.

Information

The scope of the query to limited to NCP trustees in the desired scan target. The scan_target will need to be modified to make it work based on the environment.

Code
  SELECT
    q.fullpath,
    q.trustee_fdn,
    q.rights_string,
    q.t_count
FROM
    (SELECT ncp.trustee_fdn,
      ncp.rights_string,
      ncp.fullpath,
      ncp.trustee_type,
      ncp.scan_target,
      count(*) OVER (PARTITION BY ncp.trustee_fdn) AS t_count
    FROM srs.current_ncp_trustees AS ncp) AS q
WHERE
    (q.t_count > 1) AND
    (q.scan_target LIKE ('\\CCC4\SHARE') ESCAPE '#') AND
    (q.trustee_type IN (1))
ORDER BY
    q.t_count DESC, q.trustee_fdn 
 
 
Author
rlagger
Last modified
Friday, July 20, 2018 - 09:58
Properties
Minimum Version
Report Category
Includes a Report Layout
Yes
Databases
Tags
Rating
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 1
Downloads
AttachmentSize
User-Direct-Permission-NCP.zip12.11 KB
Sample Report
Preview Images