Skip to main content

SG_LocalPolicies Job

The SG_LocalPolicies job identifies privileged accounts with high levels of server access.

Analysis Tasks for the SG_LocalPolicies Job

Navigate to the Windows > Privileged Accounts > Logon Rights > SG_LocalPolicies > Configure node and select Analysis to view the analysis tasks.

warning

Do not modify or deselect the selected analysis tasks. The analysis tasks are preconfigured for this job.

Analysis Tasks for the SG_LocalPolicies Job

The default analysis tasks are:

  • Local Policies Summary – Creates the SA_SG_LocalPolicies_Details table accessible under the job’s Results node
  • Policy User Rank – Creates the SA_SG_LocalPolicies_PolicyUserRank table accessible under the job’s Results node. Also creates an interim processing table in the database for use by downstream analysis and report generation.
  • Trustee Rank – Creates the SA_SG_LocalPolicies_TrusteeRank table accessible under the job’s Results node. Also creates an interim processing table in the database for use by downstream analysis and report generation.
  • Calculate local amount policy details – Creates an interim processing table in the database for use by downstream analysis and report generation

In addition to the tables created by the analysis tasks, the SG_LocalPolicies job produces the following pre-configured reports.

ReportDescriptionDefault TagsReport Elements
Local Account Network AccessThis report highlights whether or not the Local accounts and Local account and member of Administrators group principals can be used to access a given host across the network.NoneThis report is comprised of two elements:
  • Stacked Bar Chart – Displays a local accounts access enterprise summary
  • Table – Provides local account network access details
Local Security PoliciesThis report identifies effective local security policy assignments. In particular, Allow log on locally, Log on as a batch job, Allow log on through Remote Desktop Services, and Log on as a service are considered. Special attention is paid to policies with a large number of trustee assignments. It displays Largest Policies by Number of Domain User Accounts in a graph format, and Trustee Details in a table format.GDPR, SOX, HIPAA, PCI-DSS, GLBA, ITAR, FERPA, FISMA, ISO27001This report is comprised of three elements:
  • Stacked Bar Chart – Displays largest policies by number of domain user accounts
  • Table – Provides details largest policies by number of domain user accounts
  • Table – Provides trustee details
Privileged AccountsThis report highlights user accounts with a large number of rights.NoneThis report is comprised of two elements:
  • Stacked Bar Chart – Displays top trustees by logon rights
  • Table – Provides details on all trustees