How to: Analysis Permissions
After defining the Critical Permissions the system can analyze the permissions. To analyze permissions go to monitoring > Critical Permissions. You can Analyze the Critical Permissions by selecting them all or just a few. If you want to select them all, click on the box in the header.
Click on the button Analysis. Based on the selection the system will analyze the permissions. A notification pops up, this can take some time.
When the analysis is finished you can find the results in the overview. By clicking on the number of results or clicking on the name of the Critical Permission, you open the Analysis result for the Critical Permission and the Analysis result for the Conflicting Critical Permissions.
The monitoring software generates results based on the objects (permissions) linked to the Critical Permissions. Results are depending on the setting Has to comply (see Setup Authorization Monitoring) on the Critical Permission and the setting And/Or RIMDX on the objects. The analysis is based on the last synchronization (normally at night) from Access Control and Permissions.
There are three types of permission results:
- Permission Set: the linked object is found in the Permission Set
- Organization Role: the Permission Set (with the linked object) is found in the Organization Role
- User: the Permission Set (with object) is linked to the User.
Analysis results in Conflicting Critical Permissions are based on defined Conflicts. There ae three types of conflicting Critical Permissions:
- Permission Set: the Conflicting Permissions are found in the Permission Set
- Organization Role: the Conflicting Permissions are found in Permission Sets that are linked to the Organization Role.
- User: the User is authorized for the objects that are defined in the Conflict.
It is also possible to review all the analysis results in the overview Analysis Results Critical Permission and the overview Analysis Results Conflicting Permissions in the menu Monitoring > Analysis > Results.