The Audit Department has asked me to provide a security report of all users and which folders in which repositories they have access to, as well as what type of access each user has to those folders. Apparently this is a Sarbanes-Oxley related request.
Is this something that Vault currently provides (that I can't seem to find) or is this something that can be done manually by querying the database? Apparently this is very important for them to have.
Thanks for any help!
Steven Hatfield
MassMutual Settlement Solutions
Security Report
Moderator: SourceGear
You could get this information "manually" by looking at the admin tool.
As for reporting, you could do this using a cursor and looping through each user (sgvault.dbo.tblusers) and for each distinct repository (sgvault.dbo.tblrepositories) (cursor #2), call sgvault.dbo.ufngetusersecurityrights(repid, userid, DEFAULT).
As for reporting, you could do this using a cursor and looping through each user (sgvault.dbo.tblusers) and for each distinct repository (sgvault.dbo.tblrepositories) (cursor #2), call sgvault.dbo.ufngetusersecurityrights(repid, userid, DEFAULT).
Jeff Clausius
SourceGear
SourceGear
Manual... ok.
Is there a way that I can get this information from the web service(s) provided by Vault? Maybe I could write a little C# project that would do this for us....
Thanks for any info,
Steven
Thanks for any info,
Steven
This is certainly possible. The admin service doesn't have a nice client side library like the regular vault client service does, but the web service itself is accessible.
You can use the command line source code as an example of how to get set up, and once you are connected to the admin service, you can issue the web service commands (see http://www.sourcegear.com/vault/downloads.html, Client API Installer for CLC source code).
Or, you can see Jeremy's blog at http://weblogs.asp.net/jeremy_sheeley/a ... 75860.aspx for how to set up a simple client. Note that Jeremy's client is a regular client, and not an admin client, so you'd need to create an admin connection using myClient.Init(VaultClientNetLib.VaultConnection.AccessLevelType.Admin).
You can see the available admin service commands from your vault server at http://[vaultserver]/VaultService/VaultAdminService.asmx
Email me using the button below if you run into any questions or problems.
You can use the command line source code as an example of how to get set up, and once you are connected to the admin service, you can issue the web service commands (see http://www.sourcegear.com/vault/downloads.html, Client API Installer for CLC source code).
Or, you can see Jeremy's blog at http://weblogs.asp.net/jeremy_sheeley/a ... 75860.aspx for how to set up a simple client. Note that Jeremy's client is a regular client, and not an admin client, so you'd need to create an admin connection using myClient.Init(VaultClientNetLib.VaultConnection.AccessLevelType.Admin).
You can see the available admin service commands from your vault server at http://[vaultserver]/VaultService/VaultAdminService.asmx
Email me using the button below if you run into any questions or problems.