Provided report scripts

The following report scripts are included with authentication and privilege elevation PowerShell. The scripts are typically installed in the following folder:

C:\Program Files\Centrify\PowerShell\Centrify.DirectControl.PowerShell\Reports

For details about script syntax, parameters, and examples, see the script help files. Execute the PowerShell Get-Help command to display the help for a script. For example, to display help details for the ZonesReport.ps1 script, execute the following command from the PowerShell command line:

PS> Get-Help .\ZonesReport.ps1 -Detailed
This script Reports this information Is equivalent to this Access Manager Report Center report

AuthorizationReportForComputers.ps1

Lists each computer in the zone and indicates which users are allowed to access each computer. This report applies to classic zones only. This report includes details from the user's UNIX profile for each user listed, including the user's Active Directory user name, UNIX user name, zone, UID, shell, home directory and primary group.

Classic Zone – Authorization Report for Computers

AuthorizationReportForUsers.ps1

Lists each user account in the zone and indicates which computers each user can access. This report applies to classic zones only. This report includes details from the user's UNIX profile for each user listed, including the user's UNIX user name, zone, UID, shell, home directory and primary group.

Classic Zone – Authorization Report for Users

ComputerEffectiveAuditLevelReport.ps1

Lists the audit level in effect for all authorized users on computers in each zone. This report applies to hierarchical zones only.

Hierarchical Zone – Computer Effective Audit Level

ComputerEffectiveRightsReport.ps1

Lists the privileges granted on each computer. This report applies to hierarchical zones only.

Hierarchical Zone – Computer Effective Rights

ComputerEffectiveRolesReport.ps1

Lists the roles assigned on each computer. This report applies to hierarchical zones only.

Hierarchical Zone – Computer Effective Roles

ComputerRoleAssignmentsReport.ps1

Lists the computer roles that are defined for each zone. The report includes the users and groups and their associated roles. This report applies to hierarchical zones only.

Hierarchical Zone – Computer Role Assignments

ComputerRoleMembershipReport.ps1

Lists the computer roles that are defined for each computer and the zone to which they belong. This report applies to hierarchical zones only.

Hierarchical Zone – Computer Role Membership Report

ComputersReport.ps1

Lists computer account information for each computer in each zone. The information displayed includes the computer account name in Active Directory, the computer's DNS name, the computer's operating system, and the version of the Centrify UNIX agent installed on the computer, if available.

Computers Report

GroupsReport.ps1

Lists group information for each group in each zone. The information that is displayed includes the Active Directory group name, the UNIX group name, the UNIX group identifier (GID), and whether the group is an orphan.

Groups Report

StaleComputersReport.ps1

Lists information about all authentication service-enabled computers that have not changed their password in a specified number of days (90 days by default).

Stale Computers Report

UnixUserEffectiveRightsReport.ps1

Lists the effective rights for each UNIX user on each computer. The report shows the name of the right, its type, and where it is defined. This report applies to hierarchical zones only.

Hierarchical Zone – UNIX User Effective Rights

UserAccountReport.ps1

Lists Active Directory account details for the users that have UNIX profiles in each zone. The report includes the Active Directory display name; the Active Directory logon name; the Active Directory domain for the account; and details about the account status, such as the date and time of the account's last logon, and whether the account is configured to expire, locked out, or disabled.

User Account Report

UsersReport.ps1

Lists information from the UNIX profile for each user in each zone. The report includes the user's Active Directory user name, UNIX user name, UID, shell, home directory, and primary group.

 

Users Report

WindowsUserEffectiveRightsReport.ps1

Lists the effective rights for each Windows user on each computer. The report shows the name of the right, its type, and where it is defined. This report applies to hierarchical zones only.

Hierarchical Zone – Windows User Effective Rights

ZoneDelegationReport.ps1

Lists the administrative tasks for each zone and the users or groups (trustees) that have been delegated to perform each task. When you grant administrative rights to designated users and groups, you make them "trustees" with permission to perform specific operations. This report indicates which users or groups have permission to perform specific tasks, such as add groups, join computers to a zone, or change zone properties.

Zone Delegation Report

ZoneRolePrivilegesReport.ps1

Lists the roles that are defined for each hierarchical zone and the rights granted by each of these roles, including where each right is defined.

Hierarchical Zone – Zone Role Privileges Report

ZonesReport.ps1

Lists the zone UNIX properties for each zone. This report includes the zone name, list of available shells, the default shell, the default home directory path, the default primary group, the next available UID, reserved UIDs, the next available GID, and reserved GIDs.

Zones Report