Administration Guide > Composite Domain Administration > User Management > Auditing User Access to TDV Defined Resources
 
Auditing User Access to TDV Defined Resources
Administrators with the Read All Users and Modify All Resources rights can use the User Management page in Manager to get a single page view of all resource privileges held by any selected user or set of users.
Whether the privilege is explicit or implicit does not matter to the actual functionality provided to the user or group of users with that privilege.
To view all the resource privileges held by a user or a set of users
1. Open the User Management page from the Users tab selection in Manager.
2. Select a user or a group of users.
3. Click Edit Resource Privileges to display a list of all resource for which the selected user has more than one privilege.
All privileges assigned to the user (or selected group of users) for any TDV defined resource are displayed in the Edit Resource Privileges window.
The Edit Resource Privileges window allows for direct modification of user privileges. An administrator with the Modify All Resources right can add or remove explicitly assigned privileges for the user or set of users selected.
When more than one user is selected, different privilege settings for the same resource privilege will be represented by one of the following:
Users all have an explicitly assigned privilege which can be removed directly.
Some users have an explicitly assigned privilege while others do not have the privilege. Clicking this icon once will add an explicit privilege for all users/groups selected. Clicking it again removes all explicitly assigned privileges, and clicking the box a third time leaves the assignments unchanged.
Users have an implicitly derived privilege from either group membership or admin right. Implicit privileges can only be removed by either removing the user from the group (or groups) that grant that privilege, or by removal of the administrative right that grants that privilege.
Some users have an implicitly derived privilege while at least one other does not. Clicking this box once will assign explicit privileges to all users.
All users have both an explicit and implicit privilege. This kind of redundant assignment is harmless, unless of course they should not have this privilege at all.
Some users have an explicit privilege and others have an implicit privilege. Clicking the privilege check box once will assign the privilege explicitly to all users, clicking it a second time will remove all explicitly assigned privileges, and clicking that box a third time will leave the mixed privilege setting as it was originally.
4. Click any of these icons once to add an explicit privilege for all the users selected.
5. Click OK.