15 votes10 comments · ShareGate Desktop Suggestions » 05- Audit & Usage · Flag idea as inappropriate… · Admin →
An error occurred while saving the commentwayne.zander commented
I created a custom report that shows all users that have Full Control access to a site collection. I am able to include only those where their permission levels contain "Full Control" and also exclude farm admin and system accounts. It would be beneficial to be able to include the account that granted the user/user group Full Control access.
This information is available on the Permission Matrix report. I realize the Permission Matrix report (PMR) is driven by SharePoint's audit log and whether it is enabled and how long the retention time is set. It seems like the PMR runs by just chugging through the data. I don't know if the audit log is indexed in any way to allow easy lookup. If it is not, it looks like we would need to find a way to merge the 2 reports to get the information we are looking for.
The PMR already allows the specification of specific user groups. It would be good to be able to specify which groups to EXCLUDE and/or include only individuals or groups with a certain permission level. This could work also, although it would not allow for a complete audit of permissions, only those that are in SharePoint's audit log.
25 votesLP Lavoie responded
We understand this need, but seeing as it is fairly trivial to do in SharePoint Management Shell, for the time being we’re concentrating our efforts on more complex scenarios that have no easy alternative.