The sereport utility provides HTML reports, accessible from a web browser, of database and Policy Model information. sereport operates on the current database used by the authorization engine.
You can set sereport options for the utility:
By default, this is ACInstallDir/etc/sereport.cfg
HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\Report
The reports you can generate, their description and corresponding configuration file settings or registry keys are shown in following table.
Report Number |
Title and Description |
Section\Subkey |
Tokens\Entries |
---|---|---|---|
1 |
Administrative Privileges Display specified administrative privileges of users. |
admin_report |
|
2 |
Login Limitation Display login limitations of users. |
disablelogins_report |
|
3 |
Dormant Accounts Display inactive accounts by date (days). If an account does not have any login information, the create time is used to calculate dormant days. |
dormant_report |
|
4 |
Last Login Display last login date of users. |
login_report |
|
5 |
Password Change Display list of users whose passwords must be changed within the specified number of days. |
passwd_report |
|
6 |
Warning Mode Display resources with objects in warning mode. |
warning_report |
|
7 |
Untrusted Programs Display programs in untrusted mode. |
untrust_report |
|
8 |
Users' Privilege Access Rights Show access privileges of users to specified resources. |
accessor_report |
|
9 |
Compare users/groups in databases Display users and groups that are defined in some but not all, databases. |
grp_usr_compare |
|
10 |
Compare Protected Resources Display whether resources are defined in the specified databases. |
res_compare |
|
11 |
Compare Access Rights Display the differences in resource restrictions between a Policy Model and a subscriber database. |
acc_compare |
|
12 |
Compare Users' Information Display differences in user definitions between a Policy Model and a subscriber database. |
usr_compare |
|
13 |
Compare PMDB and Subscriber Display the rules (as defined by the Class_Name and Object_pattern tokens) that exist on the PMDB, but do not exist on the subscriber database. Note: If all of the rules on the PMDB exist on the subscriber database, then the databases are reported as IDENTICAL. |
pmdb_compare |
|
Specifies the pattern (mask) for accessor selection. Use * to select all accessors.
Specifies a list of classes.
Specifies the number of days left until the user is requested to change passwords.
Specifies the period the account is to be considered dormant.
Specifies a list of hosts from which the data is retrieved.
Specifies the pattern (mask) for object selection. Use * to select all objects.
Specifies attributes associated with the objects.
(UNIX only) Specifies the full path location where the report is printed.
Note: On Windows, you define the location of the output using the -f option of the command.
Specifies a comma-separated list of user modes.
You can also find the following additional configuration settings in the colors section\key:
Specifies the color of the report's title.
Specifies color of the report's class_title.
(UNIX only) Specifies the color of the title report's background. The background and logo must be written in full path.
Creates the logo. The background and logo must be written in full path.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|