This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SecurID® Governance & Lifecycle Recipes

SecurID Governance & Lifecycle recipes is a collection of items, to help you get the most out of your product deployment. For example, a useful report with the SQL to implement or a way to achieve some advanced rule processing.

RSA IGL Recipes: Chart - AD Orphan Account Summary

RSA IGL Version: V 7.2.x

Modules: Governance

Product Area: Charts, Single Series (Applied to Active Directory Summary Dashboard)

Associated Dashboards & Reports:

Time to apply: ~20 minutes

Summary

This chart provides key information about all AD accounts and those which are orphaned. 

The goal of this chart is to understand the risk of potential Orphan accounts to the business. 

The chart can be used by Admin/AD Teams to be get better visibility into the total orphan accounts within AD.

This chart requires the key word: "addashboard" to be added within the description of the AD Account Collector. 
This key word can be added to more than one Account Collector if required.
pastedImage_6.png

Other useful links

 

Example Image (Click to enlarge)

pastedImage_2.png

 

Key Notes

  • This chart/report/dashboard is supplied "as is" - any modification of this item is done at your own risk. 
  • This chart has an associated report, please ensure you create this too
  • If you have issues applying this chart/report/dashboard, please comment below for help, DO NOT contact the RSA Support team.
  • If you would like more assistance with this chart/report/dashboard or for help in creating other chart/report/dashboards, then RSA Professional Services (RSA PS) is available to help.
    • Please contact your RSA Account Manager or local RSA Sales Rep or reply below for further assistance.

 

Details

This chart includes a breakdown of accounts within AD and those who are orphan or have an owner.

The value are shown as a percentage, however if you move over the Pie chart, it will also show the exact value.

 

Chart SQL

First test this in your query tool (SQLDeveloper, Toad etc..)

(select Information, sum(Total) from 
(select
    'Orphaned' as Information,
    count(distinct pA.NAME)as Total
from avuser.PV_ACCOUNT pA, avuser.V_DATA_COLLECTORS vDC
where pA.ADC_ID = vDC.ID
and LOWER(vDC.DESCRIPTION) LIKE '%addashboard%' 
and pA.deletion_date is null
and pA.orphaned_date is not null)
group by Information
UNION ALL
select Information, sum(Total) from 
(select
                'Not Orphaned' as Information,
                count(distinct pA.NAME)as Total
    from avuser.PV_ACCOUNT pA, avuser.V_DATA_COLLECTORS vDC
where pA.ADC_ID = vDC.ID
and LOWER(vDC.DESCRIPTION) LIKE '%addashboard%' 
and pA.deletion_date is null
and pA.orphaned_date is null
) group by Information
)‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

 

Example of the results:

pastedImage_8.png

 

Chart Implementation

  1. Log into RSA IGL as a user who can create charts. In my example, im using AveksaAdmin
  2. Go to "Reports" / "Charts"
  3. Select "+ Create Chart" button
    pastedImage_4.png
  4. Under the "General Tab" add the following details:
    • Name: AD - Orphan Account Summary
    • Description:

      From RSA IGL Link Community. This chart displays the percentage of orphan and non-orphan accounts against the primary Active Directory.

      Note: This chart requires the key word: "addashboard" to be added within the description of the Account Collector.

    • Type = Single Series Chart
      pastedImage_10.png

  5. Under the "Query" Tab, copy the SQL from above.
  6. "Press the "Preview" button, you should see some results, as per the example image below.
    If you get an error at this stage, please test your SQL in a Query tool, like "SQL Developer" or "SQL Squirrel" to ensure it works first. 
    If it still doesn't work, please share your SQL and a screen shot of the issue below. DO NOT contact RSA Support 
    pastedImage_9.png
  7. Under the "Columns" Tab, please use the configuration shown in the image below
    pastedImage_11.png

  8. Under the "Display Attributes" tab, you should select "PIE 2D". Please also apply these settings, however you can update the wording with what is best for you.
    • Under "Title and Axis Names"
      • Caption: AD - Orphan Account Summary
      • Sub Caption: NOTE: Run Tabular Report 'AD Orphan Accounts' for full list of orphan accounts


    • Under "Functional attributes"
      • Palette: 1
      • Select "Show percent values" = Ticked
      • Select "Animation" = Ticked
        pastedImage_13.png

        There are MANY other "display attributes" you can play with on this screen, so please update and make changes as you see fit. 
  9. Save the new chart

pastedImage_14.png

Next Steps

  • Please "hit reply" and share your feedback - we would love to see an image of this working in your environment!
  • Check out the other content found on the RSA IGL Recipes page: RSA Identity Governance & Lifecycle Recipes 

    Thank you! 

 

Dont forget:
Please login, then "Like"  and "Actions/Follow" this page (Top Right), so as to receive updates and be notified if we modify/change items found here, in future.
pastedImage_4.png
Labels (1)
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎2020-12-07 08:19 AM
Updated by:
Employee (Retired) Employee (Retired)
Contributors

Related Content

Article Dashboard
© 2023 RSA Security LLC or its affiliates. All rights reserved.