JAMS User ACL Audit Report

Follow

NOTE: This script was written and is intended for JAMS V7. Scroll down for the JAMS V6 version of the script. 

### This script will display the ACL information for the entire list of JAMS users stored in the Users shortcut,

### Import the JAMS module
Import-Module JAMS -EA SilentlyContinue

$Report = "C:\Temp\JAMSUsersAuditReport.txt"

### Get our user list
$usersList = Get-ChildItem JAMS::localhost\Credentials\* | Sort-Object -Property Name

$result = "`r`n`t`t`tJAMS User Access Security Report"
$result += "`r`n`t`t`t----------------------------------"

### Loop through each object and read the ACL information, displaying the entry for each

foreach ($user in $usersList){

    $result += "`r`n`r`nUser: $($user.UserName)"
    
    foreach ($ace in $user.Acl.GenericACL){
        
        $accessNames = ""
  
  
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::Control) -ne 0){
            $accessNames = $accessNames + "Control "
        }
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::Change) -ne 0){
            $accessNames = $accessNames + "Change "
        }
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::Submit) -ne 0){
            $accessNames = $accessNames + "Submit "
        }
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::GetPassword) -ne 0){
            $accessNames = $accessNames + "Get Password "
        }

        $result += "`r`n`r`n`tIdentifier: $($ace.Identifier)"
        $result += "`r`n`r`n`tAccess: $($accessNames.Trim() -split " " -join ", ")`r`n"
    }

}

$result | out-file $Report 

    

NOTE: This script was written and is intended for JAMS V6. 

    

### This script will display the ACL information for the entire list of JAMS users stored in the Users shortcut,

### Import the JAMS module
Import-Module JAMS -EA SilentlyContinue

$Report = "C:\Temp\JAMSUsersAuditReport.txt"

### Get our user list
$usersList = Get-ChildItem JAMS::localhost\Users\* | Sort-Object -Property Name

$result = "`r`n`t`t`tJAMS User Access Security Report"
$result += "`r`n`t`t`t----------------------------------"

### Loop through each object and read the ACL information, displaying the entry for each

foreach ($user in $usersList){

    $result += "`r`n`r`nUser: $($user.UserName)"
    
    foreach ($ace in $user.Acl.GenericACL){
        
        $accessNames = ""
  
  
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::Control) -ne 0){
            $accessNames = $accessNames + "Control "
        }
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::Change) -ne 0){
            $accessNames = $accessNames + "Change "
        }
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::Submit) -ne 0){
            $accessNames = $accessNames + "Submit "
        }
        if (($ace.AccessBits -band [MVPSI.JAMS.UserAccess]::GetPassword) -ne 0){
            $accessNames = $accessNames + "Get Password "
        }

        $result += "`r`n`r`n`tIdentifier: $($ace.Identifier)"
        $result += "`r`n`r`n`tAccess: $($accessNames.Trim() -split " " -join ", ")`r`n"
    }

}

$result | out-file $Report 

    

Have more questions? Submit a request

Comments