Summary

Create a report to locate all of the directly assigned user permissions, excluding designated folders like home folder targets. This report is designed to work with version 4.1 and the File System Paths technology. The paths designated in the File System Paths list for this report will be excluded from the results.

Back Story

The customer has a number of shares where the trustees should only ever be assigned or granted to groups. 

Details

Summary

How when using the srs.current_ntfs_aces view can I report on the ACEs without inheritance, within a particular path?

Explanation

The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask.

If the bit flag with a value of 16 is present, then the ACE is inherited. Filtering out inherited ACEs is a simple matter of checking that this flag is off.

Details

Summary 

This report combines file extensions in to categories. The report uses the srs.current_fs_scandata database view which limits the scope to current scans only. This recipes comes in two styles, either Detailed or Summary. Each version of the report comes with a report layout.

Version 3.6 - 4.0

The report is further limited by the sd.fullpath LIKE portion of the sql where clause. If you remove it, the report will run across all current scan_data.

Summary

This report utilizes the new added file content hash feature of version 4.0.  The 4.0 scan policy definition gives a new option to Generate file content hashes for All Files or Files uploaded since the last scan.  This option prompts the AgentFS to generate a SHA256 hash of the file content and store the hash in the database where it can be compared against other files that match in content.

New with version 4.1 is the ability to manage the report paths outside of the query via the Report Designer. 

Summary

How when using the srs.current_ntfs_aces view can I report on the ACEs without inheritance?

Explaination

The srs.current_ntfs_aces view includes a field called ace_flags which is a value mask.

If the bit flag with a value of 16 is present, then the ACE is inherited. Filtering out inherited ACEs is a simple matter of checking that this flag is off.

Find files where the owner is an unresolved or orphaned SID.  Just change the scan_target line to make the query work for your environment.

Background

A customer needed to create a report for management that shows the file and folder counts, the users quota, and how much of their quota was being used. This customer wanted all empty directories to be ignored.

This custom query shows a summary of the folders in the path provided on line 7. The report summaries the file and folder counts, size used, the quota value set, and the quota remaining.

Note: This query is written for Active Directory and can be modified for use with eDirectory.