RSA IGL Version: V 7.2.x
Modules: Governance
Product Area: Tabular Reports (Applied to Active Directory Summary Dashboard)
Associated Dashboard & Chart:
Time to apply: ~20 minutes
This report provides information about key AD groups.
The goal of this report is to understand AD groups which might need an action taken.
The report can be used by Admin/AD Teams to be understand the risk AD groups.
This report requires the key word: "addashboard" to be added within the description of the AD Account Collector.
This key word can be added to more than one Account Collector if required.
This report includes information about AD groups, which may need investigation:
First test this in your query tool (SQLDeveloper, Toad etc..)
(select * from(
select
'Never Reviewed Groups' as Status,
vag.name as "Group Name",
vag.cas3 as "Unique Name"
from Avuser.V_ALL_GROUPS vAG
left join avuser.V_DATA_COLLECTORS vDC
on vAG.ADC_ID = vDC.ID
where LAST_REVIEWED_DATE is null
and DELETION_DATE is null
and lower(vDC.DESCRIPTION) like '%addashboard%'
union all
select distinct
'Empty Groups' as Status,
vAG.name as "Group Name",
vag.cas3 as "Unique Name"
from Avuser.V_ALL_GROUPS vAG
left join
(select distinct
GROUP_ID
from avuser.V_GRP_MEMBERSHIPS vGM
) vGM
on vGM.GROUP_ID = vAG.id
left join avuser.V_DATA_COLLECTORS vDC
on vAG.ADC_ID = vDC.ID
where vGM.group_id is null
and vAG.DELETION_DATE is null
and lower(vDC.DESCRIPTION) like '%addashboard%'
union all
select
'Groups Without Owner' as Status,
vAG.name as "Group Name",
vag.cas3 as "Unique Name"
from Avuser.V_ALL_GROUPS vAG
left join avuser.V_DATA_COLLECTORS vDC
on vAG.ADC_ID = vDC.ID
where OWNER_ID is null
and DELETION_DATE is null
and lower(vDC.DESCRIPTION) like '%addashboard%')
group by Status, "Group Name", "Unique Name"
order by Status asc)
Example of the results:
If you get an error at this stage, please test your SQL in a Query tool, like "SQL Developer" or "SQL Squirrel" to ensure it works first.
If it still doesn't work, please share your SQL and a screen shot of the issue below. DO NOT contact RSA Support
Dont forget:
Please login, then "Like"
and "Actions/Follow" this page (Top Right), so as to receive updates and be notified if we modify/change items found here, in future.