Is there a session relevance inspector that will let me create a report to audit the console user rights? I am looking to determine if all of our users use a specific property that we consider the foundation for our security permissions.
unique values of values of (results (bes property “OS”, it)) of elements of administered computer set of bes user whose (name of it as lowercase = “ben”)
I am getting no results when I try and enter my ID where ben is located. I tried this a few different ways. I can get the following to return values:
names of elements of administered computer set of bes users whose (name of it as lowercase contains “ben”)
Looking at the code though, I don’t believe this is going to give me what I want. I believe this is trying to find a user and the computers that they can manage, then look at the properties of those computers to determine what they are.
I really need to see exactly what you would see if you clicked on “Operators” in the console, selected a user, then looked at the “Management Rights Assignments” tab. This “Management Rights Assignments” would be given to one or multiple properties to provide access. Is this possible using session relevance?
My concern is that some accounts are not being provisioned with the mandatory properties to restrict access.
I really need to see exactly what you would see if you clicked on “Operators” in the console, selected a user, then looked at the “Management Rights Assignments” tab. This “Management Rights Assignments” would be given to one or multiple properties to provide access. Is this possible using session relevance?
FYI for anyone else looking for something similar… if you’re assigning management rights based on automatic computer groups, this might work (it’s a hack):
((name of item 0 of (bes computer groups, it) whose (id of item 0 of it = item 1 of it) |
"?") of numeric values of ((substrings separated by
"group" of it) as trimmed string) whose (it does not start with
"((not" and it does not start with
"((exists ") of it, (preceding texts of firsts
"%22" of following texts of firsts
"AdminBy_" of it)) of applicability relevances of hidden bes actions whose (management rights flag of it =
true)