Auditing user access to the ICA console

book

Article ID: 223644

calendar_today

Updated On:

Products

Information Centric Analytics

Issue/Introduction

Information Centric Analytics (ICA) console access can be granted to AD users (explicitly) and via AD groups (implicitly). Users and groups are managed in the console under Admin > Privileges.

Discrete user accounts can be added as individual Portal Users and can be added as members of Portal Groups. When AD groups are added as members of Portal Groups, AD users who are members of these AD groups inherit access to the console.

Environment

Release : 6.5.x

Component : Console

Resolution

The query in the attached script PortalUsers_Audit.sql will return a list of portal users and their associated portal groups and portal role assignments. To run this query, follow this procedure:

  1. Download PortalUsers_Audit.sql
  2. Using SQL Server Management Studio, connect to the database engine hosting the ICA database*
  3. From the File menu, select Open > File...
  4. In the Open File menu, navigate to the location in which you saved the script file
  5. Select the script file and click the Open button
  6. If prompted to connect to a database engine, select the server name and instance hosting the ICA database* and click the Connect button
  7. In the new query editor window containing the script, confirm the database name on line 1 matches the database name used for ICA in your environment, and change it if necessary
  8. Execute the script by pressing the F5 key, clicking the Execute button in the SQL Editor toolbar, or selecting Execute from the Query menu

* The default ICA database name is RiskFabric

The query in the attached script PortalGroups_Audit.sql will return a list of AD groups and their associated portal groups and portal role assignments. To run this query, follow the same procedure as above, replacing the file PortalUsers_Audit.sql with PortalGroups_Audit.sql on step 1.

Additional Information

For more information about portal user and role creation, refer to the following section of the Symantec Information Centric Analytics Administrator Guide:

https://techdocs.broadcom.com/us/en/symantec-security-software/information-security/information-centric-analytics/6-5-4/Administrator_Guide_1/privileges.html

Attachments

1631295043694__PortalGroups_Audit.sql get_app
1631295027474__PortalUsers_Audit.sql get_app