RSA Governance & Lifecycle Recipes: Chart - AD Account to User Summary
2 years ago
Originally Published: 2020-12-07

Version: V 7.2.x

Modules: Governance

Product Area: Charts, Single Series (Applied to Active Directory Summary Dashboard)

Associated Dashboards & Report:

Time to apply: ~20 minutes

 

Summary

This chart provides key information about AD accounts and their associated users.

The goal of this chart is to understand the risk of potential AD accounts, still owned by a user who is a "leaver"

The chart can be used by Admin/AD Teams to be get better visibility into the risk of accounts and to take action for those which are a risk.

This chart requires the key word: "addashboard" to be added within the description of the AD Account Collector. 
This key word can be added to more than one Account Collector if required.

pastedImage_6.png

 

Example Image (Click to enlarge)

pastedImage_1.png

 

Key Notes

  • This chart/report/dashboard is supplied "as is" - any modification of this item is done at your own risk. 
  • This chart has an associated report, please ensure you create this too.
  • If you have issues applying this chart/report/dashboard, please comment below for help, DO NOT contact the RSA Support team.
  • If you would like more assistance with this chart/report/dashboard or for help in creating other chart/report/dashboards, then RSA Professional Services (RSA PS) is available to help.
    • Please contact your RSA Account Manager or local RSA Sales Rep or reply below for further assistance.

 

Details

This chart includes a breakdown of all the different accounts within AD and if they are associated to an active or "leaver" user. 

The value are shown as a percentage, however if you move over the Pie chart, it will also show the exact value.

 

Chart SQL

First test this in your query tool (SQLDeveloper, Toad etc..)

‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍
(SELECT INFORMATION, TOTAL FROM
(
SELECT
'Terminated Users with Active Accounts' as Information,
count(distinct pACC.ID) as Total
FROM avuser.PV_USER_ACCOUNT_MAPPING pUAM
LEFT JOIN avuser.V_DATA_COLLECTORS vDC
ON pUAM.ADC_ID = vDC.ID
LEFT JOIN avuser.PV_USERS pUSR
ON pUAM.USER_ID = pUSR.ID
LEFT JOIN avuser.PV_ACCOUNT pACC
ON pUAM.ACCOUNT_ID = pACC.ID
WHERE LOWER(vDC.DESCRIPTION) LIKE '%addashboard%'
and pACC.IS_DISABLED = 0
--and pUSR.DELETION_DATE IS NULL
and pUSR.IS_TERMINATED = 'True'
UNION ALL
SELECT
'Active Users with Active Accounts' as Information,
count(distinct pACC.ID) as Total
FROM avuser.PV_USER_ACCOUNT_MAPPING pUAM
LEFT JOIN avuser.V_DATA_COLLECTORS vDC
ON pUAM.ADC_ID = vDC.ID
LEFT JOIN avuser.PV_USERS pUSR
ON pUAM.USER_ID = pUSR.ID
LEFT JOIN avuser.PV_ACCOUNT pACC
ON pUAM.ACCOUNT_ID = pACC.ID
WHERE LOWER(vDC.DESCRIPTION) LIKE '%addashboard%'
and pACC.IS_DISABLED = 0
--and pUSR.DELETION_DATE IS NULL
and pUSR.IS_TERMINATED = 'False')
)

Example of the results:

pastedImage_3.png

 

Chart Implementation

  1. Log into RSA IGL as a user who can create charts. In my example, im using AveksaAdmin
  2. Go to "Reports" / "Charts"
  3. Select "+ Create Chart" button
    pastedImage_4.png
  4. Under the "General Tab" add the following details:
    • Name: QS - AD Account to User Summary
    • Description:

      From RSA IGL Link Community. This chart displays the percentage of accounts owned by active or terminated user for Active Directory.

      Note: This chart requires the key word: "addashboard" to be added within the description of the Account Collector.

    • Type = Single Series Chart
      pastedImage_4.png
       
  5. Under the "Query" Tab, copy the SQL from above.
  6. "Press the "Preview" button, you should see some results, as per the example image below. 
    If you get an error at this stage, please test your SQL in a Query tool, like "SQL Developer" or "SQL Squirrel" to ensure it works first. 
If it still doesn't work, please share your SQL and a screen shot of the issue below. DO NOT contact RSA Support 
    pastedImage_3.png
     
  7. Under the "Columns" Tab, please use the configuration shown in the image below
    pastedImage_5.png
     
  8. Under the "Display Attributes" tab, you should select "PIE 2D". Please also apply these settings, however you can update the wording with what is best for you.
    • Under "Title and Axis Names"
      • Caption: AD - Account to User Summary
      • Sub Caption: NOTE: Run Tabular Report 'AD Account to User Summary' for list of Terminated Users with Active Accounts
        pastedImage_6.png
         
    • Under "Functional attributes"
      • Palette: 1
      • Select "Show percent values" = Ticked
      • Select "Animation" = Ticked
        pastedImage_11.png
          
         

        There are MANY other "display attributes" you can play with on this screen, so please update and make changes as you see fit. 

  9. Save the new chart

pastedImage_7.png

 

Related Articles

Trending Articles

Don't see what you're looking for?