LSA reports. OMG who allowed this to be considered a released product?

asztudenyak

This is nearly as bad as the old LAUA reports.  That I cannot enter a system code, or a security class, and retrieve the access rules that pertain to the class(es), is absurd.  Am I missing something?? 

I know I can run this for a profile, but since the resulting reports are unusable in the delivered format, and I have to spend time converting it to something readable, I darn sure don't want to do this for an entire profile. 

BMW Atlas.zip

unknown

You're not the first person to complain about the reports. I believe that there are 3rd-party solutions available, if you want to reach out for help. For me, I get the equivalent of a Security Class report by running the User Security Report. There are 4 columns, the left-most is for the user's Roles and I ignore that. The 2nd column lists the Security Class. That is the most detailed available. Works well for me. It will work as long as you list a person who has a Role that has the Security Class you are interested in.



My problem with this report comes from the LSA model where t he most permissive rule wins. I have to search for a program name multiple times. If a program is restricted for a user in one security class, it may show up in another security class with more permissions. Most permissive wins, so I have scan all the way through. If only there was a report that just showed the sum total of the permissions available to the user's Role, program by program. But there doesn't seem to be one.