Identify the permissions of a user
Background / Value
ARM can also show you the user perspective, and which resources individual users have access to. This is important as it allows you to compare the rights of a given employee to the role that they fill in your organization. Here the "least privilege principle" applies. Employees who have changed departments several times often still have access rights from previous roles that could have been removed after taking on new roles.
Report: Where do users and groups have access to?
- Select Resources.
- Enter the name of the person whose access rights you want to analyze.
- Select the desired result in the "User" area.
- ARM activates the scenario "Where does a user/group have access"
- ARM shows all resources that Emily Employee can access.
- ARM shows all directories that Emily Employee can access on the file server.
- In this example we have focused on the Marketing directory.
- ARM shows the access rights for the Marketing directory.
- The green arrow indicates the user Emily Employee. This helps you identify which resources Emily Employee can access, based upon the individual permission paths.
- The green circle with the exclamation mark indicates that the access rights on this directory differ from the parent directory.