Reporting on Access Permissions

You can view current access permissions and print reports.

To report on current access permissions for users and groups in the application:

From the Home page, click Navigator and then under Monitor and Explore, click System Reports.
Click Access Control.
On Select User or Group, select from the available options.
From the left Available panel, select and move users or groups on which to report to the Selected panel.
From the left Available Objects panel, select and move objects on which to report to the Selected Objects panel.

Select reporting options:

For Show Matching Access of Type, select the access to view: Read, Write, or None.
For Group the Results By, select how to view the report: Users or Objects.

From the Report Type sections, select Assigned Access or Effective Access:

Table 4-2 Access Report Types

Report Type	Description	Options
Assigned Access	Summarizes access permissions that Service Administrators assign	Specify whether access permissions are assigned by member selection relation or group membership: Show matching access of relation: Member, Children, Children (inclusive), Descendants, or Descendants (inclusive). Show Inherited From Group: Shows access permissions inherited by users in a group.
Effective Access	Summarizes access permission assignments as the application evaluates them (for example, by member selection relation, such as children, or group membership). This is useful if there are conflicts in access permissions. Note: Effective Access reports can't be generated for groups.	Describe the origin of the effective access permissions by selecting Show effective access origin. For example, a user named JSomebody may be assigned Write access permissions to Entity1 and belong to a group named Sales that is assigned Read access permissions to Entity1. This setting would show that JSomebody has Write access permissions to Entity1 because individual assigned access permissions supersede access permissions inherited by group membership.

Report Type

Description

Options

Assigned Access

Summarizes access permissions that Service Administrators assign

Specify whether access permissions are assigned by member selection relation or group membership:

Show matching access of relation: Member, Children, Children (inclusive), Descendants, or Descendants (inclusive).
Show Inherited From Group: Shows access permissions inherited by users in a group.

Effective Access

Summarizes access permission assignments as the application evaluates them (for example, by member selection relation, such as children, or group membership). This is useful if there are conflicts in access permissions.

Note:

Effective Access reports can't be generated for groups.

Describe the origin of the effective access permissions by selecting Show effective access origin. For example, a user named JSomebody may be assigned Write access permissions to Entity1 and belong to a group named Sales that is assigned Read access permissions to Entity1. This setting would show that JSomebody has Write access permissions to Entity1 because individual assigned access permissions supersede access permissions inherited by group membership.

Click Create Report.