Role Members Report
This report shows the names of all Identities who are associated to each role that meets the specified report filters. Identities are considered "members" of a role if the role is in either their assigned or detected role set.
The detailed results of this report can be exported to a CSV or PDF file.
The Role Members Report consists of these sections:
-
Role Members Options – these options are described in the table below
All reports use a set of standard properties for basic information, such as naming and descriptions, and to set controls, such as scope and to require sign off.
You must enter the following before running this report:
-
Name
For step by step instructions on creating or editing a report, see Working With Reports.
Role Members Options
The following criteria determines what information is included in this report. You can use any combination of options to build a report.
Note: Selecting NO options from a list indicates that ALL options in the list are included in the report.
|
Option |
Description |
|
Role Status |
Include only active roles or only inactive roles in the report. |
|
Applications |
Select the applications to include in the report. If no applications are specified, all applications are included. Click the arrow to the right of the suggestion field to display a list of all applications, or enter a few letters in the field to display a list of applications that start with that letter string. |
|
Role Owners |
To filter roles by role owner, choose the owner(s) here. If no role owners are specified, the roles for all owners are included. Click the arrow to the right of the suggestion field to display a list of all role owners, or enter a few letters in the field to display a list of role owners that start with that letter string. |
|
Type |
To filter roles by type, select types here. If no types are selected. all types of roles are included. |
|
Empty Roles |
Filter for role membership: select All Roles, Only Empty Roles (to include only roles with no members) or Only Populated Roles (to include only roles with members assigned). |
|
Role Name |
Choose roles to include in the report, by name. Click the arrow to display a list of all roles, or enter a few letters in the field to display a list of roles that start with that letter string. Leave this field blank to include all roles. |
|
For the next four fields, the values you can choose are determined by the application(s) you have selected. If no application is selected, the dropdown will show all valid options for all applications in the system. If the application(s) you have selected do not have any valid options for the field, the dropdown is replaced by a text box. You can type in any values and click the plus icon to add them as criteria, but any invalid options entered in this way are "sanitized" when the report is run, and will not produce results or appear in the report's list of parameters. |
|
|
Entitlement Attribute |
Filter for roles that include the selected entitlement attribute(s). |
|
Entitlement Value |
Filter for roles that include the selected entitlement value(s). |
|
Permission Target |
Filter for roles that include the selected permission target(s). |
|
Permission Right |
Filter for roles that include the selected permission right(s). |
|
Profile Relationship to Role |
Filter roles by the role's profile relationship (direct or indirect). A profile is a set of entitlements on a specific application. Options are:
This filter is typically used in conjunction with an application, and the entitlement or permission filters. For example, to filter for a role that provides direct access to the PayrollControls permission target on the Oasis_DB application, you would select the Oasis_DB application, select PayrollControls in the Permission Target field, and choose Any direct relationships here. Note that some roles can grant both direct and indirect access to entitlements and permissions, so a role can potentially be returned by both the direct relationship and indirect relationship options. |