Security Criteria

Use the Security Criteria tab to define criteria for reports on permissions for Functional or Object Security privileges. Permissions apply to users and groups defined in roles in an Access Control Domain (ACD).

Functional Security reporting lists permissions defined in the (Default) ACD. Object Security reporting lists permissions defined in the ACD associated with the Access Control List (ACL) that secures a specified object. For more information about ACDs, ACLs, and security privileges, see Optim Security.

Report Request Editor - Security Criteria tab - User Criteria Type

Criteria Type

Select a Security Report type:

User
Lists Functional Security permissions for specified users and groups.
Function
Lists all Functional Security permissions for selected privileges.
Object
Lists Object Security permissions for specified users and groups that apply to specified objects and the ACL that secures each object.

Server Name

For User and Object Security Reports. Select the name of an Optim Server or the (Local) workstation that the Report Process will use to verify user and group names. The machine must be part of the domain or node where the accounts of the user and group names in the report are defined.

User Report

The User Security Report lists Functional Security permissions for specified users and groups. The report lists each privilege class and permissions for the associated privileges as well as the role to which a permission applies.

If a user is a member of a group for which Functional Security is defined, the group is included. You can use wild cards for criteria.

Domain and User/Group

Enter user or group names in the format domain\name, or “everyone” to include all group and user names in all domains and nodes. Enter one name per line.

You can use percent (%) as a wild card character, but the pattern must use the domain\name format. For example, dom\n% or %\%.

Function Report

The Function Security Report lists Functional Security permissions assigned to each user and group for selected privileges as well as the role to which they apply.

The tab is divided into two grids, one for privilege classes and one for privileges that are included in the selected privilege class. For a description of Functional Security privilege classes and privileges, see Functional Privileges Tab.

Report Request Editor - Security Criteria tab - Function Criteria Type

Privilege Classes

Use the Privilege Classes grid to display associated privileges in the Privileges grid. You can also use the Privilege Classes grid to select all associated privileges for reporting or clear all associated privileges selected for reporting.

To select a row in the Privilege Classes grid, click a row indicator cell or either a Report All or Clear All cell. The grid arrow, , indicates the class of privileges displayed.

To include all associated privileges in the report, select Report All. To remove all selections in the Privileges grid, select Clear All.

Privileges

Use the Privileges grid to select privileges to include in the report. To include a privilege, select Report.

Shortcut Menu Commands

Right-click the Privileges Classes grid to display the following shortcut menu commands:

Report All Classes
Select Report All for all privilege classes.
Clear All Classes
Select Clear All for all privilege classes.

Right-click the Privileges grid to display the following shortcut menu commands:

Report All
Select Report for all privileges.
Clear All
Clear Report for all privileges.

Object Report

The Object Security Report lists Object Security permissions assigned to specified users or groups for specified Optim objects and the ACL that secures each object. You can use wild cards for criteria. The report is sorted alphabetically by object type.

Note: The Object Security Report allows you to view permissions for ACLs for which you do not have read access.
Report Request Editor - Security Criteria tab - Object Criteria Type

Object Type

Select an object type.

Object Name

Enter an object name. You can use percent (%) as a wild card character, but the pattern must match the object name format. For example, if an object uses a two-part name, enter own%.nam%.

Domain and User/Group

Enter user or group names in the format domain\name, or “everyone” to include all group and user names in all domains and nodes. Enter one name per line.

You can use percent (%) as a wild card character, but the pattern must use the domain\name format. For example, dom\n% or %\%.



Feedback