4.3 Active Directory Identity Enrichment

Starting with File Reporter 4.1 you can now provide extended data for identities in Custom Query reports or create identity reports for security principals in Active Directory.

4.3.1 Determining Prerequisites

  • File Reporter collects Active Directory identity data once per day by default.

    For instructions on running a collection manually, see Active Directory Identity Scans in the File Reporter 4.1 Administration Guide.

  • Decide whether you wish to extend an existing Custom Query file system metadata or permissions report or if you wish to report just on Active Directory identities themselves.

    • If extending an existing Custom Query report, determine whether that report data already includes the owner or permissions trustee Security Identifiers (SIDs) or GUIDs.

    • If reporting solely on Active Directory identities, determine which of the extended attributes to include in the report.

      See the table and view definitions for for details on available attributes.

4.3.2 Designing the Report

This example extends a “Direct User Assignment” Custom Query report which identifies user accounts that have been assigned permissions directly to folders (as opposed to using group membership) and shows a summary of the count of direct permissions per user by share path.

  1. From the Start menu, launch the File Reporter 4.1 Report Designer.

  2. Enter the login credentials and click Login.

    All of your saved Custom Query reports are listed.

  3. Click New Custom Query, give it a name, then click Create.

    The Report Designer Query Editor is launched.

  4. Enter the following SQL statements into the Query Editor:

    Basic Query - User Direct Permissions Summary

  5. Click Execute to see a preview of the report data.

    This query will produce a basic result similar to the following:

  6. Click Save to save the SQL entered so far.

  7. Augment the data by joining with the ad.ds_objects table to include the Active Directory user display_name and title fields.

    Enhanced Query - User Direct Permissions Summary

  8. Click Execute and see the updated results that include the title and display_name fields.