Create a report to locate all of the directly assigned user permissions in a particular NCP scan target.
The customer has a number of volumes where the trustees should only ever be assigned granted via groups. They need a report to locate any permissions that have been granted to the individual user object, so that it can be evaluated.
The scope of the query to limited to NCP trustees in the desired scan target. The scan_target will need to be modified to make it work based on the environment.
Create a report that will display all NCP Trustees in eDirectory.
The customer wanted to create a catalog of the NCP trustees for reference purposes.
The scope of the query is eDirectory Tree wide, but can be limited to a particular path by adding a simple where clause.
*Starting in version 2.6.0, the "srs.active_ncp_trustees" database view has been renamed to "srs.current_ncp_trustees". While the "active" version will still with version 3.0 work it has been deprecated.
How when using the srs.current_ntfs_aces view can I report on the ACES without inheritance?
The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask. If this ace_flags value when ANDed with the a decimal value of 16 is equal to 16 than the ACE is inherited. If we therefore mask off that bit mask we can filter off the inherited values.