Users and Permissions Report
Users, Groups, Roles and Permissions report shows information about each and every security entity (User, Group, Role and Permission) and their relationship in Controller.
Users, Groups, Roles and Permissions report is produced when:
- Events are extracted via Input.UsersGroupsRolesPermissions=
true - Report is requested via Output.UsersGroupsRolesPermissions=
true
Users, Groups, Roles and Permissions report has the following file name:
Report\UsersGroupsRoles.<Job File Name>.<Start Date and Time in yyyyMMddHHmm>.<Number Of Hours Spanned By Report>.xlsx
For example:
UsersGroupsRoles.demo2Ecommerce.2017091914.2.xlsx
The data for the report is in the following files:
- Report\RBAC\controller.rbac.csv
- Report\RBAC\group.memberships.csv
- Report\RBAC\groups.csv
- Report\RBAC\permissions.csv
- Report\RBAC\role.memberships.csv
- Report\RBAC\roles.csv
- Report\RBAC\user.permissions.csv
- Report\RBAC\users.csv
This sheet describes the parameters of the extraction and reporting job that produced this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| UserName | String | User that was used to retrieve data from the Controller |
| Application | String | Name of Application that was queried |
| ApplicationID | Integer | ID of Application in Controller |
| ApplicationType | String | Type of the Application |
This sheet provides quick access to the contents of this report and provides at-a-glance number of rows in each of the sheet’s tables.
| Column | Data Type | Purpose |
|---|---|---|
| Sheet Name | String | Name of the sheet in the report |
| Num Entities | Integer | Number of Entities in that sheet |
| Link | Hyperlink | Link to the sheet in the report |
This sheet provides information about security configuration of Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| SecurityProvider | String | Type of security provider (INTERNAL, LDAP, SAML) configured on Controller |
| IsStrongPasswords | Boolean | Is the policy for strong password enforcement enabled |
| NumUsers | Integer | Number of Users configured in Controller |
| NumGroups | Integer | Number of Groups configured in Controller |
| NumRoles | Integer | Number of Roles configured in Controller |
This sheet provides information about all Users in all Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| UserName | String | Name of the User |
| DisplayName | String | Display name of the User |
| String | Email of the User | |
| SecurityProvider | String | Type of security provider (INTERNAL, LDAP, SAML) for this User |
| CreatedBy | String | Username of the user who created this User |
| CreatedOn | DateTime | When was User created, local time |
| CreatedOnUtc | DateTime | When was User created, UTC time |
| UpdatedBy | String | Username of the User who updated this User |
| UpdatedOn | DateTime | When was User updated, local time |
| UpdatedOnUtc | DateTime | When was User updated, UTC time |
| UserID | Integer | ID of User |
This sheet uses data in 4.Users sheet as source for pivot table to enable summary reporting and ad-hoc drill-down.
Default configuration provides breakdown of Users by their Security Provider Type.
| Columns | Rows | Values | Filters |
|---|---|---|---|
| SecurityProvider | |||
| Controller | |||
| UserName | |||
| UserID (Count) | |||
| CreatedBy | |||
| UpdatedBy |
Example report showing all Users with "odievich" in their user name across 2 Controllers:
This sheet provides information about all Groups in all Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| GroupName | String | Name of the Group |
| Description | String | Description of the Group |
| SecurityProvider | String | Type of security provider (INTERNAL, LDAP, SAML) for this Group |
| CreatedBy | String | Groupname of the Group who created this Group |
| CreatedOn | DateTime | When was Group created, local time |
| CreatedOnUtc | DateTime | When was Group created, UTC time |
| UpdatedBy | String | Groupname of the Group who updated this Group |
| UpdatedOn | DateTime | When was Group updated, local time |
| UpdatedOnUtc | DateTime | When was Group updated, UTC time |
| GroupID | Integer | ID of Group |
This sheet uses data in 5.Groups sheet as source for pivot table to enable summary reporting and ad-hoc drill-down.
Default configuration provides breakdown of Groups by their Security Provider Type.
| Columns | Rows | Values | Filters |
|---|---|---|---|
| SecurityProvider | |||
| Controller | |||
| GroupName | |||
| GroupID (Count) | |||
| CreatedBy | |||
| UpdatedBy |
Example report showing all Groups with "Admin" in their name:
This sheet provides information about all Roles in all Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| RoleName | String | Name of the Role |
| Description | String | Description of the Role |
| NumPermissions | Integer | Number of Permissions in this Role |
| CreatedBy | String | Rolename of the Role who created this Role |
| CreatedOn | DateTime | When was Role created, local time |
| CreatedOnUtc | DateTime | When was Role created, UTC time |
| UpdatedBy | String | Rolename of the Role who updated this Role |
| UpdatedOn | DateTime | When was Role updated, local time |
| UpdatedOnUtc | DateTime | When was Role updated, UTC time |
| RoleID | Integer | ID of Role |
This sheet uses data in 6.Roles sheet as source for pivot table to enable summary reporting and ad-hoc drill-down.
Default configuration provides list of Roles.
| Columns | Rows | Values | Filters |
|---|---|---|---|
| Controller | |||
| RoleName | |||
| RoleID (Count) | |||
| CreatedBy | |||
| UpdatedBy |
Example report showing all Roles with "ReadOnly" in their name:
This sheet provides information about all Permissions in all Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| RoleName | String | Name of the Role |
| PermissionName | String | Name of the Permission in this Role |
| Allowed | Boolean | Is the permission allowed |
| EntityName | String | Name of the entity to which permission applies, if not entire Controller |
| EntityType | String | Type of the entity to which permission applies |
| EntityID | Integer | ID of the entity |
| RoleID | Integer | ID of Role |
| PermissionID | Integer | ID of Permission |
This sheet uses data in 7.Permissions sheet as source for pivot table to enable summary reporting and ad-hoc drill-down.
Default configuration provides breakdown of Permissions assigned to Roles by their Allowed setting.
| Columns | Rows | Values | Filters |
|---|---|---|---|
| Allowed | |||
| Controller | |||
| RoleName | |||
| EntityName | |||
| PermissionName | |||
| PermissionID (Count) |
Example report showing all Roles with "Admin" in their name and their Allowed setting:
This sheet provides information about all Users and their assigned Permissions in all via direct Role and indirect Group assignments for all Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| UserName | String | Name of the User |
| UserSecurityProvider | String | Type of security provider (INTERNAL, LDAP, SAML) for this User |
| GroupName | String | Name of the Group |
| GroupSecurityProvider | String | Type of security provider (INTERNAL, LDAP, SAML) for this Group |
| RoleName | String | Name of the Role |
| PermissionName | String | Name of the Permission in this Role |
| Allowed | Boolean | Is the permission allowed |
| EntityName | String | Name of the entity to which permission applies, if not entire Controller |
| EntityType | String | Type of the entity to which permission applies |
| EntityID | Integer | ID of the entity |
| UserID | Integer | ID of User |
| RoleID | Integer | ID of Role |
| GroupID | Integer | ID of Group |
| PermissionID | Integer | ID of Permission |
This sheet uses data in 8.User Permissions sheet as source for pivot table to enable summary reporting and ad-hoc drill-down.
Default configuration provides breakdown of Permissions assigned to Users via Roles or Groups by their Allowed setting.
| Columns | Rows | Values | Filters |
|---|---|---|---|
| Allowed | |||
| Controller | |||
| UserName | |||
| GroupName | |||
| RoleName | |||
| EntityName | |||
| PermissionName | |||
| PermissionID (Count) |
Example report showing all permissions for user with "odievich" in their name and their Allowed setting:
This sheet provides information about all Group memberships in all Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| GroupName | String | Name of the Group |
| UserName | String | Name of the User |
| GroupID | Integer | ID of Group |
| UserID | Integer | ID of User |
This sheet provides information about all Role memberships in all Controllers covered by this report.
| Column | Data Type | Purpose |
|---|---|---|
| Controller | URL | Controller that was queried |
| RoleName | String | Name of the Role |
| EntityName | String | Name of the entity to which permission applies, if not entire Controller |
| EntityType | String | Type of the entity to which permission applies |
| EntityID | Integer | ID of the entity |
| RoleID | Integer | ID of Role |