Suspect Permissions: An evaluation of direct user-assigned trustees in NCP.
Create a report to locate all of the directly assigned user permissions in a particular NCP scan target.
The customer has a number of volumes where the trustees should only ever be assigned granted via groups. They need a report to locate any permissions that have been granted to the individual user object, so that it can be evaluated.
The scope of the query to limited to NCP trustees in the desired scan target. The scan_target will need to be modified to make it work based on the environment.
SELECT q.fullpath, q.trustee_fdn, q.rights_string, q.t_count FROM (SELECT ncp.trustee_fdn, ncp.rights_string, ncp.fullpath, ncp.trustee_type, ncp.scan_target, count(*) OVER (PARTITION BY ncp.trustee_fdn) AS t_count FROM srs.current_ncp_trustees AS ncp) AS q WHERE (q.t_count >= 1) AND (q.scan_target LIKE ('\\QT-OES1\DATA') ESCAPE '#') AND (q.trustee_type IN (1, 2)) ORDER BY q.t_count DESC, q.trustee_fdn