Chat now with support
Chat with Support

Identity Manager Data Governance Edition 8.0 - User Guide

Introduction Data Governance navigation node and views Administering Data Governance Edition Managing unstructured data access
Managing resource access Managing account access Working with security permissions Working with SharePoint security permissions Account access modeling Bringing data under governance
Classifying governed resources Managing governed resources using the web portal Data Governance Edition reports Troubleshooting Appendix: EMC, NetApp Filer, and SharePoint configuration details Appendix: PowerShell commands Appendix: Governed data attestation policies Appendix: Governed data company policies Appendix: Governed data risk index functions About us

Group members report

Active Directory security groups can become large over time due to unrestricted provisioning and de-provisioning. This report displays a group’s complete direct and indirect membership list.

Group owners can run this report for groups they own; Compliance officers and administrators can run the report against any group in the enterprise.

The report helps identify accounts that should be removed from a group to ensure least privilege within your network.

Group members comparison report

Administrators are often responsible for managing groups that have similar membership requirements. A quick glance may not easily distinguish one group from another. The Group Members Comparison report highlights where group membership differs between two or more groups.

Group owners can run this report for groups they own; Compliance officers and administrators can run the report against any group in the enterprise.

You can also use Account Comparison (in the Manager) to compare the group members access and simulate the effects of a change to group membership before actually applying any changes as a result of the report. For more information, see Account access modeling.

Member of report

It can be difficult to get an accurate representation of nested group membership. Users can be a member of a group through many levels of nesting, including local groups. This report shows a clear picture of an account’s full membership in indexed security groups.

Managers can run this report for any account they manage; Compliance officers and administrators can run the report against any account in the enterprise.

Member of comparison report

Two users who have been provisioned for similar roles may find that they have different levels of access due to differences in group membership. The Member of Comparison report helps identify these differences so they can be corrected.

Managers can run this report for any account they manage; Compliance officers and administrators can run the report against any account in the enterprise.

You can also use Account Comparison (in the Manager) to compare the group members access and simulate the effects of a change to group membership before applying any changes as a result of the report. For more information, see Account access modeling.

Related Documents