Enterprise Reporter 3.5.1 - Report Manager User Guide

Table 15. Security Explorer Remediation Reports
Report Name	Description
Active Directory
Active Directory Permissions for Account with Actions	Shows the Active Directory permissions for an account, including permissions derived through group membership. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select the domains, organizational units, object types, and permissions to be included in the report. You can choose to show only permissions inherited from a parent, only explicit permissions, or to show both.
Active Directory Permissions for Account with Membership and Actions	Shows the Active Directory permissions for an account, including permissions derived through group membership. If you choose to include nested groups, membership of the groups is displayed. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select the domains, organizational units, object types, and objects to be included in the report. You can choose to show only permissions inherited from a parent, only explicit permissions, or to show both. Also contains a parameter to include nested group memberships and options for how they are displayed in the report.
Active Directory Permissions with Actions	Shows all Active Directory permissions for the selected domains and Active Directory objects. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select the domains, organizational units, object types, objects, and accounts to be included in the report. You can choose to show only permissions inherited from a parent, only explicit permissions, or to show both.
Domain Groups and Members with Actions	Shows group memberships for the selected domains and groups. If you choose to include nested groups, membership of the groups is displayed. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select domains, organizational units, and domain groups. Also contains a parameter to include nested group memberships and options on how they are displayed in the report.
Domain Groups with Probable Owner with Actions	Shows the domain groups with members for the selected domains and suggests the account that manages the highest percentage of members as the probable group owner. Click any link in the report to open Security Explorer and manage the group's membership and properties. Contains a parameter to select the domains to be included in the report.
Domain Users with Actions	Shows domain users for the selected domains. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select domains, organizational units, and accounts. Also contains options to include only disabled or locked domain user accounts.
Group Managed Service Accounts and Members with Actions	Shows all the managed service accounts and their members for the selected domains. Contains parameters to select the domains, organizational units, and managed service accounts to be included in the report.
Managed Service Accounts and Members with Actions	Shows all the managed service accounts and their members for the selected domains. If you choose to include nested groups, membership of the group members is displayed. Contains parameters to select the domains, organizational units, and group managed accounts to be included in the report.
Computer
Local Groups and Members with Actions	Shows the group memberships for the selected computers and groups. If you choose to include nested groups, membership of the groups is displayed. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select domains, computers, and local groups. Also contains a parameter to include nested group memberships and options on how they are displayed in the report.
Local Users with Actions	Shows local users for the selected computers. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select the domains, computers, accounts, and the status of accounts. If you want to report on all included users regardless of their account status (locked/unlocked, disabled/enabled), choose No value specified.
Printer Permissions with Actions	Shows printer permissions for the selected computers and printers. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select domains, computers, printers, and accounts.
Service Permissions with Actions	Shows service permissions for the selected computers and services. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select domains, computers, services, and accounts.
Share Permissions with Actions	Shows share permissions for the selected computers and shares. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select domains, computers, shares, type of shares, and accounts.
Exchange
Mailbox Permissions with Actions	Shows mailbox permissions for the selected servers. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select organizations, servers, mailbox stores, mailboxes, and types of permissions to be included in the report. Contains a hidden parameter to include, by default, only Exchange servers running the Mailbox server role.
Public Folder Permissions with Actions	Shows folder permissions for the selected servers and public folders. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select organizations, servers, public folders, accounts, and types of permissions to be included in the report. Also includes the options to exclude specific public folders and to filter inherited or explicit permissions. Contains hidden parameters to include, by default, only Exchange servers running the Mailbox server role, and to exclude, by default, system public folder information.
Microsoft SQL Server
SQL Database Object Permissions with Actions	Shows SQL database objects and their permissions. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select SQL servers, instances, and databases. Also contains parameters to select object types, permission types, and object permissions.
SQL Database Schema Permissions with Actions	Shows database schemata and their assigned permissions in the database. Click any link in the report to open Security Explorer and manage the object’s permissions.Contains parameters to select SQL servers, instances, databases, and object permissions.
NTFS
File Permissions with Actions	Shows file permissions for the selected computers and paths. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select computers, paths, accounts, and organizational units. Also contains options to show only permissions inherited from a parent, only explicit permissions, or both.
Files by Owner with Actions	Shows files for the selected computers and owners. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select computers and owners to be included in the report.
Folder Permissions with Actions	Shows folder permissions for the selected computers and paths. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select computers, paths, accounts, and organizational units. Also contains an option to show only permissions inherited from a parent, only explicit permissions, or both.
Folders by Owner with Actions	Shows folders for the selected computers and owners. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select computers and owners to be included in the report.
Registry
Registry Permissions with Actions	Shows registry permissions for the selected computers. Click any link in the report to open Security Explorer and manage the object’s permissions. Contains parameters to select domains, computers, keys, and accounts to be included in the report.

Report Types Included in Enterprise Reporter

The report types included in Enterprise Reporter are used to determine what fields can be included in each report. A report can only contain fields from one report type. For more information on editing existing reports, see Editing Reports . For more information on creating new reports, see Creating New Reports .

The following tables outline each category of report types included in Enterprise Reporter Report Manager.

Active Directory Report Types

Table 16. Active Directory Report Types
Report Type	Description
Account Membership	Provides information on domain accounts and the groups of which they are a member. Contains fields for the domain group member as well as its related domain and organizational unit.
Accounts	Provides information on accounts in an Active Directory domain. Contains fields for the domain account as well as its related domain and organizational unit. Domain accounts can be users and groups.
Change History	Provides a list of changes made over time to all objects collected in an Active Directory domain. Contains fields for the domain, domain change history, and change history details.
Computers	Provides information on computers in an Active Directory domain. Contains fields for the domain computer as well as its related domain and organizational unit. Contains only information retrieved from Active Directory. For physical computer fields, please select the Computer \| Computer report type.
Contacts	Provides information on contacts in an Active Directory domain. Contains fields for the domain contact as well as its related domain and organizational unit.
Deleted Objects	Provides information on objects in the Deleted Objects Container in an Active Directory domain. Contains fields for the deleted object as well as its related domain.
Domain Controllers	Provides information on domain controllers in an Active Directory domain. Contains fields for the domain controller as well as its related domain and organizational unit.
Domain Group Membership Change History	Provides information on group membership changes in a domain. Contains fields for Domain, Domain Group, Domain OU, and Common Change History.
Domains	Provides information on an Active Directory domain.
Group Members	Provides information on domain groups and their members. Contains fields for the domain group, its related domain and organizational unit as well as the member accounts. Domain user and domain group fields are available for the member account as well as an option to expand the membership.
Groups	Provides information on groups in an Active Directory domain. Contains fields for the domain group as well as its related domain and organizational unit.
Object Permissions	Provides permission information on Active Directory objects. Contains fields for the domain object, the permission, the permissioned account as well as its related domain and organizational unit. Domain user and domain group fields are available for the permissioned account.
Organizational Units	Provides information on organizational units in an Active Directory domain. Contains field for the domain object and the domain organizational unit.
Published Printers	Provides information on printers published in an Active Directory domain. Contains fields for the printer as well as its related domain and organizational unit.
Published Shares	Provides information on shares published in an Active Directory domain. Contains fields for the share as well as its related domain and organizational unit.
Service Account Members	Provides information on service accounts and their members in an Active Directory domain. Contains fields for the domain service account, it’s related domain and organizational unit as well as the related member accounts.
Service Accounts	Provides information on service accounts in an Active Directory domain. Contains fields for the domain service account as well as its related domain service account members that have the permission to retrieve password.
Sites	Provides information on sites in an Active Directory domain. Contains fields for the domain site and its related domain.
Trusts	Provides information on trusts in an Active Directory domain. Contains fields for the domain trust and its related domain.
Users	Provides information on users in an Active Directory domain. Contains fields for the user as well as its related domain and organizational unit.

Azure Active Directory Report Types

The following table outlines the report types that are available for Azure Active Directory reports. Many of these report types can be extended to include additional fields. When editing a report, in the Available Fields area, the option to extend the report type is indicated by a special folder icon next to object names underlined in blue. You can right click the object names to see the available type of account objects that can be added. For detailed steps on extending the report type, see To extend a report type .

Table 17. Azure Active Directory Report Types
Report Type	Description
Azure Application Permissions	Provides information on Azure Active Directory Tenant Application Permissions. Contains fields for Azure Tenant, Azure Application, Azure Application Permission, and Azure Identity.
Azure Application Service Principals	Provides information on Azure Active Directory Tenant Applications’ Service Principals. Contains fields for Azure Tenant, Azure Application, and Azure Service Principal.
Azure Applications	Provides information on Azure Active Directory Tenant Applications. Contains fields for Azure Tenant and Azure Applications.
Azure Contacts	Provides information on Azure Active Directory tenant contacts. Contains fields for Azure Tenant and Azure Contact.
Azure Device Members	Provides information on Azure Active Directory tenant device members. Contains fields for Azure Tenant, Azure Device, and Azure Device Member.
Azure Devices	Provides information on Azure Active Directory tenant devices. Contains fields for Azure Tenant and Azure Device.
Azure Domains	Provides information on Azure Active Directory tenant domains. Contains fields for Azure Tenant and Azure Domain.
Azure Group Members	Provides information on Azure Active Directory tenant group members. Contains fields for Azure Tenant, Azure Group, and Azure Group Member.
Azure Groups	Provides information on Azure Active Directory tenant groups. Contains fields for Azure Tenant and Azure Group.
Azure Identities	Provides information on Azure Active Directory tenant identities. Contains fields for Azure Tenant and Azure Identity.
Azure Identity Membership	Provides information on Azure Active Directory tenant identity membership. Contains fields for Azure Tenant, Azure Identity, and Azure Group.
Azure Identity Roles	Provides information on Azure Active Directory tenant identity roles. Contains fields for Azure Tenant, Azure Identity, and Azure Role.
Azure Risky Users	Provides information on risky users in Azure Active Directory. Contains fields for Azure Tenant, Risky User, and Azure User.
Azure Roles	Provides information on Azure Active Directory tenant roles. Contains fields for Azure Tenant, Azure Role, and Azure Role Member.
Azure Service Plan Users	Provides information on Azure Active Directory tenant service plan users. Contains fields for Azure Tenant, Azure Subscription, Azure Service Plan, and Azure User.
Azure Service Principal Members	Provides information on Azure Active Directory tenant service principal members. Contains fields for Azure Tenant, Azure Service Principal, and Azure Service Principal Member.
Azure Service Principals	Provides information on Azure Active Directory tenant service principals. Contains fields for Azure Tenant and Azure Service Principal.
Azure Tenant Service Plans	Provides information on Azure Active Directory tenant service plans. Contains fields for Azure Tenant, Azure Subscription, and Azure Service Plan.
Azure Tenant Subscriptions	Provides information on Azure Active Directory tenant subscriptions. Contains fields for Azure Tenant and Azure Subscription.
Azure Tenants	Provides information on Azure Active Directory tenants. Contains fields for Azure Tenant and for Azure and on-premises Password Protection settings.
Azure User Subscriptions	Provides information on Azure Active Directory tenant user subscriptions. Contains fields for Azure Tenant, Azure User, Azure Service Plan, the Azure Subscription.
Azure Users	Provides information on Azure Active Directory tenant users. Contains fields for Azure Tenant and Azure User.

Seleziona il prodotto:

Per una maggiore efficacia, compilare l'Obiettivo della chat:

Soluzioni consigliate per il problema

Enterprise Reporter 3.5.1 - Report Manager User Guide

Security Explorer Remediation Reports

Report Types Included in Enterprise Reporter

Active Directory Report Types

Azure Active Directory Report Types