I have created a user review for reviewing AD groups because
of the preferred functionality and am trying to build a report that will show
all items that were reviewed along with what action was taken. If a revoke action
was requested I would like to include if this change request has been completed.
I can create a report using the “V.AVR_ER_ITEM_DETAIL” table
as used by the out of the box “Revocation Report” but it does not show the AD account
(e.g. System account) that has the entitlement but only the identity that it is
linked.
I cannot find anything in this table view that specifies the
account AD account being reviewed only the identity it’s linked to. If I can find which table holds this information I can then link this back to the to the “CHANGE_REQUEST” table to include if the revoke action has been
completed.
My final report should show the following:
Review Name
Account
Identity (Identity the account has been linked to)
Action (Revoke, Maintain)
Comments
Timed access
Review start date
Review completion date
Status (Remediation completed, available or cancelled)
Any help would be greatly appreciated
I have now managed to create the report I was after using the
Public Database Schema Reference.PDF guide.
The tables I used were :
PV_REVIEW_COMPONENT
PV_REVIEW
PV_CHANGE_REQUEST_DETAIL
V_REVIEW_RESULTS
PV_CHANGE_REQUEST