Security audit: Looking for a tool or script that lists al of the users in AD that have access to a folder on a computer

Similar Messages

• Looking for a way to log privilege adds even when the user has that priv

  We've run into a situation where we want IDM to log privilege adds/removes, even when that privilege already exists (for add) or doesn't exist (for remove) on a person.  Let me give some background.
  We are a small team working on an IDM project, each team member with 6-30 months of experience with the IDM product.  We're using 7.1.
  We have two systems, one of which is queryable and (certain) privileges updatable via REST API -- we'll call this system REST.  The second system of course is IDM.
  When an IDM privilege is added or removed, the business requirement is to always keep IDM and REST in sync, privilege-wise.  This is no problem and we have provisioning set up to make the API call, and it works great.  However, if there is a problem with the REST API (network issue, just plain down, etc.) this sync can't happen.  So, within the provisioning framework, if there is a failure, the failure is logged and the privilege is reverted, keeping REST and IDM synced.  A job runs regularly to check this log table and re-attempt the appropriate action, which of course will trigger provisioning again, hopefully successfully.
  The problem occurs in a situation like this, where each point comes in chronological order.
  1. User X gets privilege Y granted within an IDM UI.
  2. Provisioning triggers, but for some reason the REST API call fails (twice, because of retry).
  3. The failure task for the REST API call removes privilege Y from user X.  The error is logged.
  4. After a while, some job runs which removes privilege Y from all users whose names begin with X.  Even if the job explicitly removes privilege Y from user X, this is not logged in the system in any way, doesn't trigger provisioning, etc.
  5. After another while, the "retry job" runs and attempts action #1 again.  This time, the provisioning succeeds.  Now user X has privilege Y on both IDM and REST.  However, because of step 4, clearly user X should not have privilege Y.
  The same (well, reverse) issue occurs when removing the priv in step 1 and doing a grant in step 4.  During tests, one can just set up a To Identity Center step and remove/assign a privilege to an arbitrary person, then run the job containing this step repeatedly.  If the action has no net effect, there's no record (in, for example, sentries, oentries, or indeed in mxi_(old)values).  It would be great if there was a generic way to cause these actions to be logged, and we've actually thought of a couple other cases where this logging would be useful as well.  Is there some simple way?  Is it already logged in some esoteric table we haven't thought of?
  Any thoughts on this interesting scenario would be appreciated.  Thanks!

  Hi Chris,
  If I understand correctly, since you are using the log to ensure that the privileges are synced.
  Any chance you could enhance step 4 to remove information about the failed assignment from the log, so that it will not be retried?
  Note also, that this is improved in IdM7.2 and the framework. You will only get the privilege assigned after the add-member task has successfully assigned the privilege in the back-end system (which is what you are trying to achieve).
  Best regard
  John Erik Setsaas
  Development Architect IdM

• - Looking for Drop Down menu script w/ semi-transparent backgrounds...

  Looking for a dropdown menu script that will allow
  semi-transparent
  backgrounds (so we can partly see what the list is displaying
  over).
  I've Googled this to death using all the obvious keywords,
  but have yet to
  find what I'm looking for.
  Thanks.

  Yes. I understand and agree. Good point.
  Thanks.
  Al Sparber - PVII
  http://www.projectseven.com
  Extending Dreamweaver - Nav Systems | Galleries | Widgets
  Authors: "42nd Street: Mastering the Art of CSS Design"
  "T.Pastrana - 4Level" <[email protected]> wrote in message
  news:[email protected]...
  >I posted mainly for the benefit of Reese, I know you know
  this.
  >
  >
  > --
  > Best Regards,
  > ..Trent Pastrana
  > www.fourlevel.com
  >
  >
  >
  >
  >
  >
  > "Al Sparber- PVII" <[email protected]>
  wrote in message
  > news:[email protected]...
  >> Actually, it's not an error. But we do happen to
  have it in a CC on
  >> that page because the last time I posted that page
  on this forum it
  >> was criticized for "failing" the W3C CSS validator.
  >>
  >>
  http://www.projectseven.com/foxy.gif
  >>
  >> The Firefox console simply would report it as a
  warning - not an
  >> error. It would have no affect on the page. But
  thanks for pointing
  >> that out.
  >>
  >> --
  >> Al Sparber - PVII
  >>
  http://www.projectseven.com
  >> Extending Dreamweaver - Nav Systems | Galleries |
  Widgets
  >> Authors: "42nd Street: Mastering the Art of CSS
  Design"
  >>
  >>
  >>
  >>
  >> "T.Pastrana - 4Level" <[email protected]> wrote in
  message
  >> news:[email protected]...
  >>> If you want your page to validate you might want
  to separate the
  >>> properties. Some modern browsers like Firefox
  will throw an error
  >>> with the filter property.
  >>>
  >>> #menu li {
  >>> opacity: 0.85;
  >>> }
  >>>
  >>> <!--[if IE]><style
  type="text/css">#menu li {filter:
  >>>
  alpha(opacity=85);}</style><![endif]-->
  >>>
  >>>
  >>> --
  >>> Best Regards,
  >>> ..Trent Pastrana
  >>> www.fourlevel.com
  >>>
  >>>
  >>>
  >>>
  >>> "Al Sparber- PVII"
  <[email protected]> wrote in message
  >>> news:[email protected]...
  >>>> If, for example, you are using an unordered
  list for your menu, set
  >>>> opacity on the LI, like so:
  >>>>
  >>>> #menu li {
  >>>> opacity: 0.85;
  >>>> filter: alpha(opacity=85);
  >>>> }
  >>>>
  >>>> As far as I know, there are no
  "off-the-shelf" menu tools of worth
  >>>> that offer this as an automatic option. You
  should pick yourself a
  >>>> good menu system then set opacity on the
  relevant element. The
  >>>> menu "script" or "system" really has nothing
  to do with it.
  >>>>
  >>>> If you need a good base menu system, you can
  find free ones and
  >>>> commercial ones on our site. Here is an
  example of one with
  >>>> transparency:
  >>>>
  >>>>
  http://www.projectseven.com/products/menusystems/pmm/css_tweaks/opacity/
  >>>>
  >>>>
  >>>>
  >>>> --
  >>>> Al Sparber - PVII
  >>>>
  http://www.projectseven.com
  >>>> Extending Dreamweaver - Nav Systems |
  Galleries | Widgets
  >>>> Authors: "42nd Street: Mastering the Art of
  CSS Design"
  >>>>
  >>>>
  >>>>
  >>>>
  >>>> "Reese" <[email protected]> wrote in message
  >>>> news:[email protected]...
  >>>>> Looking for a dropdown menu script that
  will allow
  >>>>> semi-transparent backgrounds (so we can
  partly see what the list
  >>>>> is displaying over).
  >>>>>
  >>>>> I've Googled this to death using all the
  obvious keywords, but
  >>>>> have yet to find what I'm looking for.
  >>>>>
  >>>>> Thanks.
  >>>>>
  >>>>
  >>>
  >>>
  >>
  >
  >

• Looking for a tool to search text fields in about 1000 reports installed on Business Objects Xi R3

  Hi,
  i am looking for a tool, program that can search all our reports installed on Business Objects Xi R3 for specific content in text fields and formulas.
  We used a couple of years ago .rpt inspector, that worked pretty well for our purpose.
  Unfortunately  this is Win XP & Win Server 2003 only, so we can't reuse it anymore.
  (I know there are way of getting WinXP that in a VMware, but that is not an option in our company.)
  So i am interested , if there is another tool out there, which can help us?
  regards Alex
  btw we are using Business Objects XI R3 (SP7) with reports deisgned on crystal reports designer 2008

  Hi,
  i am looking for a tool, program that can search all our reports installed on Business Objects Xi R3 for specific content in text fields and formulas.
  We used a couple of years ago .rpt inspector, that worked pretty well for our purpose.
  Unfortunately  this is Win XP & Win Server 2003 only, so we can't reuse it anymore.
  (I know there are way of getting WinXP that in a VMware, but that is not an option in our company.)
  So i am interested , if there is another tool out there, which can help us?
  regards Alex
  btw we are using Business Objects XI R3 (SP7) with reports deisgned on crystal reports designer 2008

• Looking for a Tool

  I am an IT consultant with a client that conducts a wide range of activities including research, education, marketing, and sales. There are a variety of legal, regulatory and ethical standards that apply to these activities. Our task is to design/develop a system that allows the monitoring and tracking of our compliance in each of these area.
  I am looking for a tool that would allow me to design and develop the application quickly.
  Thanks very much for your help,
  Bruce Liang

  Bruce,
  There are several rapid application development (RAD) tools, most of which can be used to develop applications against an Oracle database. Oracle's offerings in this area are:
  Designer: This is our premium application development tool, suitable for extremely large, complex projects
  Developer: This applications development tool allows you to quickly create forms based applications.
  JDeveloper: Allows you to create Java based applications.
  The ramp-up time on the first tool might eliminate it from consideration (Designer has so many capabilities that we have an entire curriculum devoted to helping application developers get the most out of it). I've thrown together quick, relatively simple applications using Developer in a matter of hours, but you will find that any tool will be slow going at first until you get used to its environment.
  Of the non-Oracle offerings, my favorite has to be Inprise's Delphi. Like Oracle's Developer, it takes a while to get used to the development environment but I haven't seen too many things I wanted to do that couldn't be done in Delphi.

• TS4212 can anyone help please..  since iCloud  came on the scene  My all in one printer  keeps saying  it is not USB connected.  I have been  looking for over a week now   and even chatted  with the USA  but cannot get it to work

  can anyone help please..  since iCloud  came on the scene  My all in one printer  keeps saying  it is not USB connected.   what do I do
  I have been  looking for over a week now   and even chatted  with the USA  but cannot get it to work.
  I am really struggling

  Thanks
  someone named  Eloisa   she gave me   a phone no.   or visit hp.com/uk
  cannot make head nor tale of it all.  I am old.  and find everything hard to undertstand

• I am looking for a way or a PDF annotator app to use in a tablet that don't allow deletion as I edit.

  Hi All, I am looking for a way or a PDF annotator app to use in a tablet that don't allow deletion as I edit. I need to use in a controlled process that don't allow user to delete or erase edits once a mistake is made or a rewrite is needed. Thank you

  See How to call Adobe Acrobat 9 APIs to OCR the PDFs through .NET reply 4.

• What's the deal w/ Pages and Merge Fields. I've spent an hour looking for it and poof it's gone. What the ****?

  What's the deal w/ Pages and Merge Fields. I've spent an hour looking for it and poof it's gone. What the ****?

  https://discussions.apple.com/message/25419393#25419393
  Peter

• I purchased an Iphone 5 and I'm looking for a car charger, when will they be on the market?

  I purchased an Iphone 5 and I'm looking for a car charger, when will they be on the market?

  AppleIsMyHobby wrote:
  I would just advise that you be careful with old model chargers that were built for 30 pin to USB connectors for the old iPhones. They may not work for the iPhone 5 and/or they might damage the phone/battery etc. The best plan would be to wait for some kind of charger that was made for the iPhone 5.
  Nonsense; USB outputs are an industry standard, there is no danger in using a USB to Lightning cord to charge your iPhone 5.

• I want to check all functions of PCI 6534.I have read the user manual..I have some memory related questions.​Please help me for that.

  I want to check all functions of PCI 6534.I have read the user manual..I have some memory related questions.Please help me for that.
  1.)If i am using the continuous output mode.and the size of generated data is less than 32 MB.If i want to preload the memory,what should i do?I want that first of all i load all my data to onboard memory & then i want to make start the transfer between 6534 & peripheral.Is it possible?As per me it should be.Plz tell me how should i do this?I think that in normal procedure the transfer between 6534-peripheral & outputting data from pc buffer to onboard memory works parallely.But i don't want this.Is it poss
  ible?
  (2).Similarly in finite input operation(pattern I/O) is it possible to preload the memory and then i read it?Because i think that the PC memory will be loaded automatically when 6534 acquires the data and then when we use DIO read vi the pc buffer data will be transferred to application buffer.If this is true,i do not want this.Is it possible?
  (3) One more question is there if i am using normal operation onboard memory will be used bydefault right?Now if i want to use DMA and if i have data of 512 bytes to acquire.How will it work and how should i do it?Please tell me the sequence of operations.As per my knowledge in normal DMA operation we have 32 Bytes FIFO is there so after acquisition of 32 bytes only i can read it.How it will known to me that 32 bytes acquisition is complete?Next,If i want to acquire each byte separately using DMA interrupts what should i do?Provide me the name of sourse from which i can get details about onboard memory & DMA process of 6534 specifically
  (4).In 6534 pattern Input mode,if i want to but only 10 bits of data.and i don't want to waste any data line what should i do?

  Hi Vishal,
  I'll try to answer your questions as best I can.
  1) It is definitely possible to preload data to the 32MB memory (per group) and start the acquisition after you have preloaded the memory. There are example programs on ni.com/support under Example Code for pattern generation and the 6534 that demonstrate which functions to use for this. Also, if your PC memory buffer is less than 32MB, it will automatically be loaded to the card. If you are in continuous mode however, you can choose to loop using the on-board memory or you can constantly be reading the PC memory buffer as you update it with your application environment.
  2) Yes, your data will automatically be loaded into the card's onboard memory. It will however be transferred as quickly as possible to the DMA FIFO on the card and then transferred to the PC memory buffer through DMA. It is not going to wait until the whole onboard memory is filled before it transfers. It will transfer throughout the acquisition process.
  3) Vishal, searching the example programs will give you many of the details of programming this type of application. I don't know you application software so I can't give you the exact functions but it is easiest to look at the examples on the net (or the shipping examples with your software). Now if you are acquiring 512 bytes of data, you will start to fill your onboard memory and at the same time, data will be sent to the DMA FIFO. When the FIFO is ready to send data to the PC memory buffer, it will (the exact algorithm is dependent on many things regarding how large the DMA packet is etc.).
  4) If I understand you correctly, you want to know if you waste the other 6 bits if you only need to acquire on 10 lines. The answer to this is Yes. Although you are only acquiring 10 bits, it is acquired as a complete word (16bits) and packed and sent using DMA. You application software (NI-DAQ driver) will filter out the last 6 bits of non-data.
  Hope that answers your questions. Once again, the example code on the NI site is a great place to start this type of project. Have a good day.
  Ron

• How do I reset my security questions if I forgot the answers and don't have access to my email?

  I for got the answers to my security questions. I can't retrieve the answers because I don't have access to my old email account. how do I reset my security questions, if I forgot the answers and don't have access to my email?

  You need to ask Apple to reset your security questions; this can be done by clicking here and picking a method, or if your country isn't listed, filling out and submitting this form.
  They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
  (111551)

• My parent's IPad is SUPER outdated and I'm trying to buy an app for my brother for Christmas. However, the computer that was connected to the IPAD, we no longer have. So is there any way I can update it on my mac without erasing all the photos and videos?

  My parent's IPad is SUPER outdated and I'm trying to buy an app for my brother for Christmas. However, I can't buy the app because it says we need to update the software. The thing is, the computer that was connected to the IPAD, we no longer have. So is there any way I can update it on my mac without erasing all the photos and videos?

  HELPPP ME BEFORE CHRISTMASS MORNING!!

• I tried to update the App that I purchased but the message told me that my Apple account is not valid for use outside of US and I must switch back to US store to able to do it. How can I switch the account from foreign countries back to US?

  I tried to update the App that I purchased but the message told me that my Apple account is not valid for use outside of US and I must switch back to US store to able to do it. How can I switch the account from foreign countries back to US?

  On your phone (from http://support.apple.com/kb/ht1311):
  Change your iTunes Store country
  Sign in to the account for the iTunes Store region you'd like to use. Tap Settings > iTunes & App Stores > Apple ID: > View Apple ID > Country/Region.
  Follow the onscreen process to change your region, agree to the terms and conditions for the region if necessary, and then change your billing information.

• New Adobe Photoshop elements 11-can not share pictures. I do use AOL email. Get error of "Elements 11 Organ. has stopped working,  I have looked into sharing tab and my only option is Adobe email settings.  I do have outlook set up to work on computer run

  New Adobe Photoshop elements 11-can not share pictures. I do use AOL email. Get error of "Elements 11 Organ. has stopped working,  I have looked into sharing tab and my only option is Adobe email settings.  I do have outlook set up to work on computer running windows 8.1  Please help, Mainly use to share pictures.  Thanks!

  One thing puzzles me:
  RedClayFarmer wrote:
  I then found one suggestion that the problem might involve permissions. The suggestion was to right click PhotoshopElementsOrganizer.exe in its installation folder (which on my computer is at at D:\Photo\Elements 11 Organizer) and run Organizer as an administrator. This also failed.
  I don't understand why running the exe from the installation folder would have worked.
  I would have simply tried to run that exe from its real location :
  Sorry, I can't help you more about permissions...

• I have 100 groups in planning for those 100 groups i want to build roles like interactive,view user,planner etc.for those how to change in export -import folder .xml file  in that edit  how  to change user roles in that xml it will generate automatic id.h

  I have 100 groups in planning for those 100 groups i want to build roles like interactive,view user,planner etc.for those how to change in export -import folder .xml file  in that edit  how  to change user roles in that xml it will generate automatic id.how to do that in xml file ?

  Thanks john for you are reply.
  I had tried what you sad.I open shared service in that foundation project i had export shared service.after that in import-export file.In that role.csv,user.csv,group.csv.Like this file have.When i open user file added some users after i trying save in excel it shown messgse
  I click yes and save the .csv file and import from share servie. i got error like this
  am i doing right way john.or explain clearly