Reports Permitted for Each Administrative Role

Administrative permissions determine which reports each administrator can run. Each predefined administrative role has default reporting permissions.The following table lists the default permissions for the predefined administrative roles, and the reports that each role has permission to run. You can modify a predefined role if you want it to have broader scope.

Note: Administrators who do not have view permissions for security domains have limited reporting capabilities. RSA recommends that you allow administrators to view security domains.

Administrator Role

Report Name

Help Desk Admin

User Admin

Agent Admin

Security Domain Admin

Super Admin

Administrator Activity

X

Administrators of a Security Domain

X

X

X

X

Administrators with a Specified Role

X

X

Administrators with Fixed Passcode

X

X

X

X

Agents not updated by auto-registration more than a given number of days

X

X

X

X

Agents with Unassigned IP Address

X

X

X

X

All User Groups

X

X

X

X

All Users

X

X

X

X

Authentication Activity

X

Distributed Token Requests

X

Expired User Accounts

X

X

X

X

Imported Users and Tokens Reports

X

X

X

X

List all RADIUS clients

X

X

List All Authentication Agent Records

X

X

X

X

List All Installed Agents

X

X

X

X

List all RSA Agent with assigned RADIUS client/RADIUS server

X

X

X

X

List all RSA Agents with assigned RADIUS profile

X

X

X

X

List all User Alias

X

X

X

X

List all Users with assigned RADIUS profile

X

X

X

X

Object Lifecycle Activity (Non User/User Group)

X

Risk-Based Authentication (RBA) Activity

X

Risk-Based Authentication (RBA) Users

X

X

X

X

Software Token

X

X

X

X

System Log Report

X

Token Expiration Report

X

X

X

X

User and User Group Lifecycle Activity

X

User and User Groups Missing from Identity Source

X

X

X

X

Users Enabled for On-Demand Authentication

X

X

X

X

Users Enabled for On-Demand Authentication Who Have Never Logged In

X

X

X

X

Users never logged in with token

X

X

X

X

Users with days since last login using specific token

X

X

X

X

Users with Disabled Accounts

X

X

X

X

Users with Tokens

X

X

X

X

Users with tokens set to online emergency access tokencode

X

X

X

X

Custom Reports

You can create and run customized reports describing system events and objects.

For example, you might create a report that shows all user accounts that are disabled. You can design the report to include relevant information such as User ID, name, identity source, and security domain.

You can create a report that shows administrator activities. For example, you can report on activities for all administrators, or you can display detailed information on one administrator.

You can create custom reports using the predefined report templates provided with Authentication Manager. Each template includes predefined variables, column headings, and other report information.

The template is the foundation for your custom report. The template offers a starting point for sets of data, including input parameters and output columns. You can decide which columns to show, apply data filters, and modify run options.