support Posted September 4, 2018 Share Posted September 4, 2018 Hi All, One of our customers emailed us with the following feature request, please up vote by adding a +1 if you like this idea: I just found out that the report “What permissions exist for a user?” only includes permissions granted specifically to that user. We are using lots of groups including AD groups and these permissions are not present in the report. Our first expectation was that these should be in there because when a user uses passwordstate he gets the both sets of permissions. We are using this report when somebody leaves the company to see which lists the user had access to, but we’re now missing out on lots of lists which have their permissions assigned via groups. I did find the “What passwords can a user see?” report which does seem to include more information, but it outputs all passwords individually as opposed to outputting the permissions individually. So it’s a bit of information overload in this report and requires a bunch of steps in excel to group all entries by password list. Also the report duplicates entries when a user is member of multiple groups and/or has personal permissions assigned. Would it be an idea to create an “What effective permissions exists for a user” which shows the effective permissions of a user? So: Permissions assigned to the user Permissions assigned to groups a user is member of Duplicate permissions are merged into 1 entry showing the highest permission (Admin > Modify > View > Guest) Regards, Support. Link to comment Share on other sites More sharing options...
Sarge Posted September 4, 2018 Share Posted September 4, 2018 +1 13 minutes ago, support said: Duplicate permissions are merged into 1 entry showing the highest permission (Admin > Modify > View > Guest) Duplicates should be displayed, or an option to merge them provided. The report can be useful for cleaning up duplicate permissions. Link to comment Share on other sites More sharing options...
Valentijn Scholten Posted September 5, 2018 Share Posted September 5, 2018 +1 (It was my email :)) Link to comment Share on other sites More sharing options...
GeoffO Posted September 21, 2018 Share Posted September 21, 2018 +1 Link to comment Share on other sites More sharing options...
Azkabahn Posted October 25, 2018 Share Posted October 25, 2018 +1 Also it is difficult to understand the situation where a user is duplicated many times when you look at the permission list. For example: User A has modify permissions for Record A User A has view permissions for Record B I will have the same user displayed 3 times: 2 for above permissions, 1 record under the guest column. Perhaps it would be possible to separate such views? One for password list level, second for individual records? Link to comment Share on other sites More sharing options...
support Posted October 26, 2018 Author Share Posted October 26, 2018 Hello Azkabahn, If you are applying permissions to individual Password records, then they user should only ever had Guest access to the Password List. You can then view their actual access to individual records from the 'Actions' menu for those records. If you are seeing something other than Guest access at the Password List, then they have also been given access to the full Password List, and you might want to spend some time cleaning up this duplication. Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now